chef 15.0.300-universal-mingw32 → 15.1.36-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (1983) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +94 -93
  3. data/LICENSE +201 -201
  4. data/README.md +64 -64
  5. data/Rakefile +81 -80
  6. data/bin/knife +24 -24
  7. data/chef-universal-mingw32.gemspec +22 -22
  8. data/chef.gemspec +60 -60
  9. data/distro/powershell/chef/chef.psm1 +459 -459
  10. data/ext/win32-eventlog/Rakefile +53 -53
  11. data/ext/win32-eventlog/chef-log.man +56 -56
  12. data/lib/.DS_Store +0 -0
  13. data/lib/chef.rb +35 -35
  14. data/lib/chef/.DS_Store +0 -0
  15. data/lib/chef/action_collection.rb +252 -252
  16. data/lib/chef/api_client.rb +228 -228
  17. data/lib/chef/api_client/registration.rb +200 -200
  18. data/lib/chef/api_client_v1.rb +326 -326
  19. data/lib/chef/application.rb +415 -409
  20. data/lib/chef/application/apply.rb +225 -225
  21. data/lib/chef/application/client.rb +546 -546
  22. data/lib/chef/application/exit_code.rb +157 -157
  23. data/lib/chef/application/knife.rb +222 -222
  24. data/lib/chef/application/solo.rb +377 -377
  25. data/lib/chef/application/windows_service.rb +338 -338
  26. data/lib/chef/application/windows_service_manager.rb +205 -205
  27. data/lib/chef/applications.rb +4 -4
  28. data/lib/chef/blacklist.rb +81 -81
  29. data/lib/chef/chef_class.rb +248 -248
  30. data/lib/chef/chef_fs.rb +59 -59
  31. data/lib/chef/chef_fs/chef_fs_data_store.rb +870 -870
  32. data/lib/chef/chef_fs/command_line.rb +291 -291
  33. data/lib/chef/chef_fs/config.rb +284 -284
  34. data/lib/chef/chef_fs/data_handler/acl_data_handler.rb +26 -26
  35. data/lib/chef/chef_fs/data_handler/client_data_handler.rb +39 -39
  36. data/lib/chef/chef_fs/data_handler/client_key_data_handler.rb +11 -11
  37. data/lib/chef/chef_fs/data_handler/container_data_handler.rb +35 -35
  38. data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +38 -38
  39. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +67 -67
  40. data/lib/chef/chef_fs/data_handler/data_handler_base.rb +207 -207
  41. data/lib/chef/chef_fs/data_handler/environment_data_handler.rb +40 -40
  42. data/lib/chef/chef_fs/data_handler/group_data_handler.rb +55 -55
  43. data/lib/chef/chef_fs/data_handler/node_data_handler.rb +36 -36
  44. data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +36 -36
  45. data/lib/chef/chef_fs/data_handler/organization_invites_data_handler.rb +17 -17
  46. data/lib/chef/chef_fs/data_handler/organization_members_data_handler.rb +17 -17
  47. data/lib/chef/chef_fs/data_handler/policy_data_handler.rb +48 -48
  48. data/lib/chef/chef_fs/data_handler/policy_group_data_handler.rb +33 -33
  49. data/lib/chef/chef_fs/data_handler/role_data_handler.rb +40 -40
  50. data/lib/chef/chef_fs/data_handler/user_data_handler.rb +29 -29
  51. data/lib/chef/chef_fs/file_pattern.rb +301 -301
  52. data/lib/chef/chef_fs/file_system.rb +431 -431
  53. data/lib/chef/chef_fs/file_system/base_fs_dir.rb +47 -47
  54. data/lib/chef/chef_fs/file_system/base_fs_object.rb +187 -187
  55. data/lib/chef/chef_fs/file_system/chef_server/acl_dir.rb +65 -65
  56. data/lib/chef/chef_fs/file_system/chef_server/acl_entry.rb +67 -67
  57. data/lib/chef/chef_fs/file_system/chef_server/acls_dir.rb +75 -75
  58. data/lib/chef/chef_fs/file_system/chef_server/chef_server_root_dir.rb +196 -196
  59. data/lib/chef/chef_fs/file_system/chef_server/cookbook_artifact_dir.rb +38 -38
  60. data/lib/chef/chef_fs/file_system/chef_server/cookbook_artifacts_dir.rb +106 -106
  61. data/lib/chef/chef_fs/file_system/chef_server/cookbook_dir.rb +208 -208
  62. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +78 -78
  63. data/lib/chef/chef_fs/file_system/chef_server/cookbook_subdir.rb +61 -61
  64. data/lib/chef/chef_fs/file_system/chef_server/cookbooks_acl_dir.rb +42 -42
  65. data/lib/chef/chef_fs/file_system/chef_server/cookbooks_dir.rb +105 -105
  66. data/lib/chef/chef_fs/file_system/chef_server/data_bag_dir.rb +76 -76
  67. data/lib/chef/chef_fs/file_system/chef_server/data_bag_entry.rb +19 -19
  68. data/lib/chef/chef_fs/file_system/chef_server/data_bags_dir.rb +67 -67
  69. data/lib/chef/chef_fs/file_system/chef_server/environments_dir.rb +56 -56
  70. data/lib/chef/chef_fs/file_system/chef_server/nodes_dir.rb +51 -51
  71. data/lib/chef/chef_fs/file_system/chef_server/org_entry.rb +35 -35
  72. data/lib/chef/chef_fs/file_system/chef_server/organization_invites_entry.rb +65 -65
  73. data/lib/chef/chef_fs/file_system/chef_server/organization_members_entry.rb +64 -64
  74. data/lib/chef/chef_fs/file_system/chef_server/policies_acl_dir.rb +41 -41
  75. data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +158 -158
  76. data/lib/chef/chef_fs/file_system/chef_server/policy_group_entry.rb +136 -136
  77. data/lib/chef/chef_fs/file_system/chef_server/policy_groups_dir.rb +43 -43
  78. data/lib/chef/chef_fs/file_system/chef_server/policy_revision_entry.rb +38 -38
  79. data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +176 -176
  80. data/lib/chef/chef_fs/file_system/chef_server/rest_list_entry.rb +207 -207
  81. data/lib/chef/chef_fs/file_system/chef_server/versioned_cookbook_dir.rb +45 -45
  82. data/lib/chef/chef_fs/file_system/chef_server/versioned_cookbooks_dir.rb +111 -111
  83. data/lib/chef/chef_fs/file_system/exceptions.rb +105 -105
  84. data/lib/chef/chef_fs/file_system/memory/memory_dir.rb +53 -53
  85. data/lib/chef/chef_fs/file_system/memory/memory_file.rb +20 -20
  86. data/lib/chef/chef_fs/file_system/memory/memory_root.rb +23 -23
  87. data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +62 -62
  88. data/lib/chef/chef_fs/file_system/nonexistent_fs_object.rb +32 -32
  89. data/lib/chef/chef_fs/file_system/repository/acl.rb +45 -45
  90. data/lib/chef/chef_fs/file_system/repository/acls_dir.rb +50 -50
  91. data/lib/chef/chef_fs/file_system/repository/acls_sub_dir.rb +38 -38
  92. data/lib/chef/chef_fs/file_system/repository/base_file.rb +155 -155
  93. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_artifact_dir.rb +41 -41
  94. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +143 -143
  95. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +177 -177
  96. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +232 -232
  97. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_versioned_cookbook_dir.rb +42 -42
  98. data/lib/chef/chef_fs/file_system/repository/client.rb +38 -38
  99. data/lib/chef/chef_fs/file_system/repository/client_key.rb +38 -38
  100. data/lib/chef/chef_fs/file_system/repository/client_keys_dir.rb +42 -42
  101. data/lib/chef/chef_fs/file_system/repository/client_keys_sub_dir.rb +38 -38
  102. data/lib/chef/chef_fs/file_system/repository/clients_dir.rb +37 -37
  103. data/lib/chef/chef_fs/file_system/repository/container.rb +38 -38
  104. data/lib/chef/chef_fs/file_system/repository/containers_dir.rb +37 -37
  105. data/lib/chef/chef_fs/file_system/repository/cookbook_artifacts_dir.rb +36 -36
  106. data/lib/chef/chef_fs/file_system/repository/cookbooks_dir.rb +51 -51
  107. data/lib/chef/chef_fs/file_system/repository/data_bag.rb +39 -39
  108. data/lib/chef/chef_fs/file_system/repository/data_bag_item.rb +38 -38
  109. data/lib/chef/chef_fs/file_system/repository/data_bags_dir.rb +39 -39
  110. data/lib/chef/chef_fs/file_system/repository/directory.rb +167 -167
  111. data/lib/chef/chef_fs/file_system/repository/environment.rb +38 -38
  112. data/lib/chef/chef_fs/file_system/repository/environments_dir.rb +37 -37
  113. data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +151 -151
  114. data/lib/chef/chef_fs/file_system/repository/group.rb +38 -38
  115. data/lib/chef/chef_fs/file_system/repository/groups_dir.rb +37 -37
  116. data/lib/chef/chef_fs/file_system/repository/node.rb +38 -38
  117. data/lib/chef/chef_fs/file_system/repository/nodes_dir.rb +59 -59
  118. data/lib/chef/chef_fs/file_system/repository/policies_dir.rb +42 -42
  119. data/lib/chef/chef_fs/file_system/repository/policy.rb +38 -38
  120. data/lib/chef/chef_fs/file_system/repository/policy_group.rb +38 -38
  121. data/lib/chef/chef_fs/file_system/repository/policy_groups_dir.rb +37 -37
  122. data/lib/chef/chef_fs/file_system/repository/role.rb +38 -38
  123. data/lib/chef/chef_fs/file_system/repository/roles_dir.rb +37 -37
  124. data/lib/chef/chef_fs/file_system/repository/user.rb +38 -38
  125. data/lib/chef/chef_fs/file_system/repository/users_dir.rb +37 -37
  126. data/lib/chef/chef_fs/file_system/repository/versioned_cookbooks_dir.rb +34 -34
  127. data/lib/chef/chef_fs/file_system_cache.rb +80 -80
  128. data/lib/chef/chef_fs/knife.rb +160 -161
  129. data/lib/chef/chef_fs/parallelizer.rb +103 -103
  130. data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +35 -35
  131. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +277 -277
  132. data/lib/chef/chef_fs/path_utils.rb +127 -127
  133. data/lib/chef/client.rb +934 -934
  134. data/lib/chef/config.rb +84 -84
  135. data/lib/chef/config_fetcher.rb +72 -72
  136. data/lib/chef/constants.rb +28 -28
  137. data/lib/chef/cookbook/chefignore.rb +77 -77
  138. data/lib/chef/cookbook/cookbook_collection.rb +62 -62
  139. data/lib/chef/cookbook/cookbook_version_loader.rb +278 -278
  140. data/lib/chef/cookbook/file_system_file_vendor.rb +57 -57
  141. data/lib/chef/cookbook/file_vendor.rb +70 -70
  142. data/lib/chef/cookbook/gem_installer.rb +94 -94
  143. data/lib/chef/cookbook/manifest_v0.rb +73 -73
  144. data/lib/chef/cookbook/manifest_v2.rb +45 -45
  145. data/lib/chef/cookbook/metadata.rb +752 -752
  146. data/lib/chef/cookbook/remote_file_vendor.rb +86 -86
  147. data/lib/chef/cookbook/synchronizer.rb +328 -328
  148. data/lib/chef/cookbook/syntax_check.rb +259 -259
  149. data/lib/chef/cookbook_loader.rb +185 -185
  150. data/lib/chef/cookbook_manifest.rb +328 -328
  151. data/lib/chef/cookbook_site_streaming_uploader.rb +241 -241
  152. data/lib/chef/cookbook_uploader.rb +156 -156
  153. data/lib/chef/cookbook_version.rb +544 -544
  154. data/lib/chef/daemon.rb +131 -131
  155. data/lib/chef/data_bag.rb +174 -174
  156. data/lib/chef/data_bag_item.rb +209 -209
  157. data/lib/chef/data_collector.rb +282 -324
  158. data/lib/chef/data_collector/config_validation.rb +131 -88
  159. data/lib/chef/data_collector/error_handlers.rb +116 -116
  160. data/lib/chef/data_collector/message_helpers.rb +50 -50
  161. data/lib/chef/data_collector/run_end_message.rb +172 -172
  162. data/lib/chef/data_collector/run_start_message.rb +60 -60
  163. data/lib/chef/decorator.rb +81 -81
  164. data/lib/chef/decorator/lazy.rb +60 -60
  165. data/lib/chef/decorator/lazy_array.rb +59 -59
  166. data/lib/chef/decorator/unchain.rb +43 -43
  167. data/lib/chef/delayed_evaluator.rb +21 -21
  168. data/lib/chef/deprecated.rb +241 -241
  169. data/lib/chef/deprecation/warnings.rb +38 -38
  170. data/lib/chef/digester.rb +74 -74
  171. data/lib/chef/dist.rb +50 -19
  172. data/lib/chef/dsl.rb +6 -6
  173. data/lib/chef/dsl/.DS_Store +0 -0
  174. data/lib/chef/dsl/cheffish.rb +65 -65
  175. data/lib/chef/dsl/core.rb +52 -52
  176. data/lib/chef/dsl/data_query.rb +103 -103
  177. data/lib/chef/dsl/declare_resource.rb +319 -319
  178. data/lib/chef/dsl/definitions.rb +43 -43
  179. data/lib/chef/dsl/include_attribute.rb +57 -57
  180. data/lib/chef/dsl/include_recipe.rb +34 -34
  181. data/lib/chef/dsl/platform_introspection.rb +269 -269
  182. data/lib/chef/dsl/powershell.rb +29 -29
  183. data/lib/chef/dsl/reboot_pending.rb +57 -57
  184. data/lib/chef/dsl/recipe.rb +74 -74
  185. data/lib/chef/dsl/registry_helper.rb +63 -63
  186. data/lib/chef/dsl/resources.rb +47 -47
  187. data/lib/chef/dsl/universal.rb +60 -62
  188. data/lib/chef/encrypted_data_bag_item.rb +158 -157
  189. data/lib/chef/encrypted_data_bag_item/assertions.rb +54 -54
  190. data/lib/chef/encrypted_data_bag_item/check_encrypted.rb +56 -56
  191. data/lib/chef/encrypted_data_bag_item/decryption_failure.rb +22 -22
  192. data/lib/chef/encrypted_data_bag_item/decryptor.rb +232 -232
  193. data/lib/chef/encrypted_data_bag_item/encrypted_data_bag_item_assertions.rb +37 -37
  194. data/lib/chef/encrypted_data_bag_item/encryption_failure.rb +22 -22
  195. data/lib/chef/encrypted_data_bag_item/encryptor.rb +225 -225
  196. data/lib/chef/encrypted_data_bag_item/unacceptable_encrypted_data_bag_item_format.rb +22 -22
  197. data/lib/chef/encrypted_data_bag_item/unsupported_cipher.rb +22 -22
  198. data/lib/chef/encrypted_data_bag_item/unsupported_encrypted_data_bag_item_format.rb +22 -22
  199. data/lib/chef/environment.rb +320 -319
  200. data/lib/chef/event_dispatch/base.rb +431 -431
  201. data/lib/chef/event_dispatch/dispatcher.rb +88 -88
  202. data/lib/chef/event_dispatch/dsl.rb +65 -65
  203. data/lib/chef/event_dispatch/events_output_stream.rb +37 -37
  204. data/lib/chef/event_loggers/base.rb +62 -62
  205. data/lib/chef/event_loggers/windows_eventlog.rb +102 -101
  206. data/lib/chef/exceptions.rb +514 -514
  207. data/lib/chef/file_access_control.rb +75 -75
  208. data/lib/chef/file_access_control/unix.rb +290 -290
  209. data/lib/chef/file_access_control/windows.rb +337 -337
  210. data/lib/chef/file_cache.rb +223 -223
  211. data/lib/chef/file_content_management/content_base.rb +58 -58
  212. data/lib/chef/file_content_management/deploy.rb +37 -37
  213. data/lib/chef/file_content_management/deploy/cp.rb +48 -48
  214. data/lib/chef/file_content_management/deploy/mv_unix.rb +77 -77
  215. data/lib/chef/file_content_management/deploy/mv_windows.rb +103 -103
  216. data/lib/chef/file_content_management/tempfile.rb +107 -107
  217. data/lib/chef/formatters/base.rb +246 -246
  218. data/lib/chef/formatters/doc.rb +401 -401
  219. data/lib/chef/formatters/error_description.rb +86 -86
  220. data/lib/chef/formatters/error_inspectors.rb +19 -19
  221. data/lib/chef/formatters/error_inspectors/api_error_formatting.rb +184 -184
  222. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +154 -154
  223. data/lib/chef/formatters/error_inspectors/cookbook_resolve_error_inspector.rb +168 -168
  224. data/lib/chef/formatters/error_inspectors/cookbook_sync_error_inspector.rb +82 -82
  225. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +129 -129
  226. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +148 -148
  227. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +125 -125
  228. data/lib/chef/formatters/error_inspectors/run_list_expansion_error_inspector.rb +122 -122
  229. data/lib/chef/formatters/error_mapper.rb +85 -85
  230. data/lib/chef/formatters/indentable_output_stream.rb +182 -182
  231. data/lib/chef/formatters/minimal.rb +235 -235
  232. data/lib/chef/guard_interpreter.rb +32 -32
  233. data/lib/chef/guard_interpreter/default_guard_interpreter.rb +44 -44
  234. data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +138 -138
  235. data/lib/chef/handler.rb +266 -266
  236. data/lib/chef/handler/error_report.rb +33 -33
  237. data/lib/chef/handler/json_file.rb +62 -62
  238. data/lib/chef/http.rb +539 -539
  239. data/lib/chef/http/api_versions.rb +56 -56
  240. data/lib/chef/http/auth_credentials.rb +59 -59
  241. data/lib/chef/http/authenticator.rb +118 -118
  242. data/lib/chef/http/basic_client.rb +157 -157
  243. data/lib/chef/http/cookie_jar.rb +31 -31
  244. data/lib/chef/http/cookie_manager.rb +59 -59
  245. data/lib/chef/http/decompressor.rb +142 -142
  246. data/lib/chef/http/http_request.rb +190 -190
  247. data/lib/chef/http/json_input.rb +73 -73
  248. data/lib/chef/http/json_output.rb +81 -81
  249. data/lib/chef/http/json_to_model_output.rb +34 -34
  250. data/lib/chef/http/remote_request_id.rb +46 -46
  251. data/lib/chef/http/simple.rb +40 -40
  252. data/lib/chef/http/simple_json.rb +43 -43
  253. data/lib/chef/http/socketless_chef_zero_client.rb +210 -209
  254. data/lib/chef/http/ssl_policies.rb +130 -130
  255. data/lib/chef/http/validate_content_length.rb +114 -114
  256. data/lib/chef/json_compat.rb +68 -68
  257. data/lib/chef/key.rb +269 -269
  258. data/lib/chef/knife.rb +649 -648
  259. data/lib/chef/knife/.DS_Store +0 -0
  260. data/lib/chef/knife/bootstrap.rb +1092 -1065
  261. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +157 -158
  262. data/lib/chef/knife/bootstrap/client_builder.rb +207 -207
  263. data/lib/chef/knife/bootstrap/templates/README.md +11 -11
  264. data/lib/chef/knife/bootstrap/templates/chef-full.erb +243 -243
  265. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +276 -276
  266. data/lib/chef/knife/bootstrap/train_connector.rb +329 -325
  267. data/lib/chef/knife/client_bulk_delete.rb +103 -103
  268. data/lib/chef/knife/client_create.rb +101 -101
  269. data/lib/chef/knife/client_delete.rb +62 -62
  270. data/lib/chef/knife/client_edit.rb +52 -52
  271. data/lib/chef/knife/client_key_create.rb +70 -70
  272. data/lib/chef/knife/client_key_delete.rb +77 -77
  273. data/lib/chef/knife/client_key_edit.rb +80 -80
  274. data/lib/chef/knife/client_key_list.rb +70 -70
  275. data/lib/chef/knife/client_key_show.rb +77 -77
  276. data/lib/chef/knife/client_list.rb +41 -41
  277. data/lib/chef/knife/client_reregister.rb +58 -58
  278. data/lib/chef/knife/client_show.rb +48 -48
  279. data/lib/chef/knife/config_get.rb +126 -126
  280. data/lib/chef/knife/config_get_profile.rb +37 -37
  281. data/lib/chef/knife/config_list_profiles.rb +121 -121
  282. data/lib/chef/knife/config_use_profile.rb +50 -50
  283. data/lib/chef/knife/configure.rb +148 -147
  284. data/lib/chef/knife/configure_client.rb +48 -48
  285. data/lib/chef/knife/cookbook_bulk_delete.rb +71 -71
  286. data/lib/chef/knife/cookbook_delete.rb +151 -151
  287. data/lib/chef/knife/cookbook_download.rb +142 -142
  288. data/lib/chef/knife/cookbook_list.rb +47 -47
  289. data/lib/chef/knife/cookbook_metadata.rb +106 -106
  290. data/lib/chef/knife/cookbook_metadata_from_file.rb +43 -43
  291. data/lib/chef/knife/cookbook_show.rb +98 -98
  292. data/lib/chef/knife/cookbook_site_download.rb +40 -40
  293. data/lib/chef/knife/cookbook_site_install.rb +40 -40
  294. data/lib/chef/knife/cookbook_site_list.rb +40 -40
  295. data/lib/chef/knife/cookbook_site_search.rb +40 -40
  296. data/lib/chef/knife/cookbook_site_share.rb +41 -41
  297. data/lib/chef/knife/cookbook_site_show.rb +40 -40
  298. data/lib/chef/knife/cookbook_site_unshare.rb +41 -41
  299. data/lib/chef/knife/cookbook_upload.rb +273 -273
  300. data/lib/chef/knife/core/bootstrap_context.rb +259 -259
  301. data/lib/chef/knife/core/cookbook_scm_repo.rb +159 -159
  302. data/lib/chef/knife/core/gem_glob_loader.rb +138 -138
  303. data/lib/chef/knife/core/generic_presenter.rb +231 -231
  304. data/lib/chef/knife/core/hashed_command_loader.rb +99 -99
  305. data/lib/chef/knife/core/node_editor.rb +130 -130
  306. data/lib/chef/knife/core/node_presenter.rb +158 -158
  307. data/lib/chef/knife/core/object_loader.rb +115 -115
  308. data/lib/chef/knife/core/status_presenter.rb +172 -172
  309. data/lib/chef/knife/core/subcommand_loader.rb +183 -183
  310. data/lib/chef/knife/core/text_formatter.rb +85 -85
  311. data/lib/chef/knife/core/ui.rb +309 -309
  312. data/lib/chef/knife/core/windows_bootstrap_context.rb +379 -379
  313. data/lib/chef/knife/data_bag_create.rb +80 -80
  314. data/lib/chef/knife/data_bag_delete.rb +49 -49
  315. data/lib/chef/knife/data_bag_edit.rb +74 -74
  316. data/lib/chef/knife/data_bag_from_file.rb +113 -113
  317. data/lib/chef/knife/data_bag_list.rb +42 -42
  318. data/lib/chef/knife/data_bag_secret_options.rb +142 -142
  319. data/lib/chef/knife/data_bag_show.rb +69 -69
  320. data/lib/chef/knife/delete.rb +125 -125
  321. data/lib/chef/knife/deps.rb +156 -156
  322. data/lib/chef/knife/diff.rb +83 -83
  323. data/lib/chef/knife/download.rb +84 -84
  324. data/lib/chef/knife/edit.rb +88 -88
  325. data/lib/chef/knife/environment_compare.rb +127 -127
  326. data/lib/chef/knife/environment_create.rb +52 -52
  327. data/lib/chef/knife/environment_delete.rb +44 -44
  328. data/lib/chef/knife/environment_edit.rb +44 -44
  329. data/lib/chef/knife/environment_from_file.rb +84 -84
  330. data/lib/chef/knife/environment_list.rb +41 -41
  331. data/lib/chef/knife/environment_show.rb +47 -47
  332. data/lib/chef/knife/exec.rb +88 -87
  333. data/lib/chef/knife/key_create.rb +112 -112
  334. data/lib/chef/knife/key_create_base.rb +50 -50
  335. data/lib/chef/knife/key_delete.rb +55 -55
  336. data/lib/chef/knife/key_edit.rb +118 -118
  337. data/lib/chef/knife/key_edit_base.rb +55 -55
  338. data/lib/chef/knife/key_list.rb +88 -88
  339. data/lib/chef/knife/key_list_base.rb +45 -45
  340. data/lib/chef/knife/key_show.rb +53 -53
  341. data/lib/chef/knife/list.rb +177 -177
  342. data/lib/chef/knife/node_bulk_delete.rb +74 -74
  343. data/lib/chef/knife/node_create.rb +47 -47
  344. data/lib/chef/knife/node_delete.rb +46 -46
  345. data/lib/chef/knife/node_edit.rb +70 -70
  346. data/lib/chef/knife/node_environment_set.rb +54 -54
  347. data/lib/chef/knife/node_from_file.rb +51 -51
  348. data/lib/chef/knife/node_list.rb +44 -44
  349. data/lib/chef/knife/node_policy_set.rb +79 -79
  350. data/lib/chef/knife/node_run_list_add.rb +104 -104
  351. data/lib/chef/knife/node_run_list_remove.rb +67 -67
  352. data/lib/chef/knife/node_run_list_set.rb +66 -66
  353. data/lib/chef/knife/node_show.rb +62 -61
  354. data/lib/chef/knife/null.rb +13 -13
  355. data/lib/chef/knife/raw.rb +124 -124
  356. data/lib/chef/knife/recipe_list.rb +32 -32
  357. data/lib/chef/knife/rehash.rb +65 -65
  358. data/lib/chef/knife/role_bulk_delete.rb +65 -65
  359. data/lib/chef/knife/role_create.rb +53 -53
  360. data/lib/chef/knife/role_delete.rb +46 -46
  361. data/lib/chef/knife/role_edit.rb +45 -45
  362. data/lib/chef/knife/role_env_run_list_add.rb +87 -87
  363. data/lib/chef/knife/role_env_run_list_clear.rb +55 -55
  364. data/lib/chef/knife/role_env_run_list_remove.rb +57 -57
  365. data/lib/chef/knife/role_env_run_list_replace.rb +60 -60
  366. data/lib/chef/knife/role_env_run_list_set.rb +70 -70
  367. data/lib/chef/knife/role_from_file.rb +51 -51
  368. data/lib/chef/knife/role_list.rb +42 -42
  369. data/lib/chef/knife/role_run_list_add.rb +87 -87
  370. data/lib/chef/knife/role_run_list_clear.rb +55 -55
  371. data/lib/chef/knife/role_run_list_remove.rb +56 -56
  372. data/lib/chef/knife/role_run_list_replace.rb +60 -60
  373. data/lib/chef/knife/role_run_list_set.rb +69 -69
  374. data/lib/chef/knife/role_show.rb +48 -48
  375. data/lib/chef/knife/search.rb +194 -194
  376. data/lib/chef/knife/serve.rb +65 -64
  377. data/lib/chef/knife/show.rb +72 -72
  378. data/lib/chef/knife/ssh.rb +633 -634
  379. data/lib/chef/knife/ssl_check.rb +284 -283
  380. data/lib/chef/knife/ssl_fetch.rb +161 -161
  381. data/lib/chef/knife/status.rb +98 -97
  382. data/lib/chef/knife/supermarket_download.rb +122 -122
  383. data/lib/chef/knife/supermarket_install.rb +193 -193
  384. data/lib/chef/knife/supermarket_list.rb +65 -65
  385. data/lib/chef/knife/supermarket_search.rb +53 -53
  386. data/lib/chef/knife/supermarket_share.rb +166 -166
  387. data/lib/chef/knife/supermarket_show.rb +67 -67
  388. data/lib/chef/knife/supermarket_unshare.rb +61 -61
  389. data/lib/chef/knife/tag_create.rb +52 -52
  390. data/lib/chef/knife/tag_delete.rb +60 -60
  391. data/lib/chef/knife/tag_list.rb +47 -47
  392. data/lib/chef/knife/upload.rb +86 -86
  393. data/lib/chef/knife/user_create.rb +107 -107
  394. data/lib/chef/knife/user_delete.rb +44 -44
  395. data/lib/chef/knife/user_edit.rb +52 -52
  396. data/lib/chef/knife/user_key_create.rb +70 -70
  397. data/lib/chef/knife/user_key_delete.rb +77 -77
  398. data/lib/chef/knife/user_key_edit.rb +80 -80
  399. data/lib/chef/knife/user_key_list.rb +70 -70
  400. data/lib/chef/knife/user_key_show.rb +77 -77
  401. data/lib/chef/knife/user_list.rb +42 -42
  402. data/lib/chef/knife/user_reregister.rb +59 -59
  403. data/lib/chef/knife/user_show.rb +48 -48
  404. data/lib/chef/knife/xargs.rb +282 -282
  405. data/lib/chef/local_mode.rb +127 -126
  406. data/lib/chef/log.rb +70 -70
  407. data/lib/chef/log/syslog.rb +46 -46
  408. data/lib/chef/log/winevt.rb +100 -99
  409. data/lib/chef/mash.rb +232 -232
  410. data/lib/chef/mixin/.DS_Store +0 -0
  411. data/lib/chef/mixin/api_version_request_handling.rb +64 -64
  412. data/lib/chef/mixin/checksum.rb +37 -37
  413. data/lib/chef/mixin/convert_to_class_name.rb +126 -126
  414. data/lib/chef/mixin/create_path.rb +71 -71
  415. data/lib/chef/mixin/deep_merge.rb +140 -140
  416. data/lib/chef/mixin/deprecation.rb +117 -117
  417. data/lib/chef/mixin/descendants_tracker.rb +81 -81
  418. data/lib/chef/mixin/enforce_ownership_and_permissions.rb +39 -39
  419. data/lib/chef/mixin/file_class.rb +35 -35
  420. data/lib/chef/mixin/from_file.rb +55 -55
  421. data/lib/chef/mixin/get_source_from_package.rb +47 -47
  422. data/lib/chef/mixin/homebrew_user.rb +79 -79
  423. data/lib/chef/mixin/lazy_module_include.rb +77 -77
  424. data/lib/chef/mixin/notifying_block.rb +51 -51
  425. data/lib/chef/mixin/openssl_helper.rb +402 -402
  426. data/lib/chef/mixin/params_validate.rb +498 -498
  427. data/lib/chef/mixin/path_sanity.rb +66 -66
  428. data/lib/chef/mixin/powershell_exec.rb +105 -105
  429. data/lib/chef/mixin/powershell_out.rb +98 -98
  430. data/lib/chef/mixin/powershell_type_coercions.rb +84 -84
  431. data/lib/chef/mixin/properties.rb +355 -355
  432. data/lib/chef/mixin/provides.rb +29 -29
  433. data/lib/chef/mixin/proxified_socket.rb +42 -42
  434. data/lib/chef/mixin/securable.rb +192 -192
  435. data/lib/chef/mixin/shell_out.rb +216 -187
  436. data/lib/chef/mixin/subclass_directive.rb +37 -37
  437. data/lib/chef/mixin/template.rb +265 -260
  438. data/lib/chef/mixin/train_helpers.rb +60 -0
  439. data/lib/chef/mixin/unformatter.rb +32 -32
  440. data/lib/chef/mixin/uris.rb +42 -42
  441. data/lib/chef/mixin/user_context.rb +55 -55
  442. data/lib/chef/mixin/versioned_api.rb +84 -84
  443. data/lib/chef/mixin/which.rb +63 -52
  444. data/lib/chef/mixin/why_run.rb +326 -326
  445. data/lib/chef/mixin/wide_string.rb +54 -54
  446. data/lib/chef/mixin/windows_architecture_helper.rb +113 -113
  447. data/lib/chef/mixin/windows_env_helper.rb +67 -67
  448. data/lib/chef/mixin/xml_escape.rb +138 -138
  449. data/lib/chef/mixins.rb +12 -12
  450. data/lib/chef/monkey_patches/net_http.rb +64 -64
  451. data/lib/chef/monkey_patches/webrick-utils.rb +51 -51
  452. data/lib/chef/monkey_patches/win32/registry.rb +60 -60
  453. data/lib/chef/monologger.rb +4 -4
  454. data/lib/chef/nil_argument.rb +3 -3
  455. data/lib/chef/node.rb +732 -732
  456. data/lib/chef/node/attribute.rb +651 -651
  457. data/lib/chef/node/attribute_collections.rb +178 -178
  458. data/lib/chef/node/common_api.rb +121 -121
  459. data/lib/chef/node/immutable_collections.rb +182 -182
  460. data/lib/chef/node/mixin/deep_merge_cache.rb +61 -61
  461. data/lib/chef/node/mixin/immutablize_array.rb +179 -179
  462. data/lib/chef/node/mixin/immutablize_hash.rb +165 -165
  463. data/lib/chef/node/mixin/mashy_array.rb +68 -68
  464. data/lib/chef/node/mixin/state_tracking.rb +96 -96
  465. data/lib/chef/node_map.rb +326 -328
  466. data/lib/chef/null_logger.rb +79 -79
  467. data/lib/chef/org.rb +144 -144
  468. data/lib/chef/platform.rb +30 -30
  469. data/lib/chef/platform/priority_map.rb +41 -41
  470. data/lib/chef/platform/provider_handler_map.rb +29 -29
  471. data/lib/chef/platform/provider_mapping.rb +55 -55
  472. data/lib/chef/platform/provider_priority_map.rb +11 -11
  473. data/lib/chef/platform/query_helpers.rb +100 -100
  474. data/lib/chef/platform/rebooter.rb +71 -71
  475. data/lib/chef/platform/resource_handler_map.rb +29 -29
  476. data/lib/chef/platform/resource_priority_map.rb +11 -11
  477. data/lib/chef/platform/service_helpers.rb +125 -122
  478. data/lib/chef/policy_builder.rb +42 -42
  479. data/lib/chef/policy_builder/dynamic.rb +186 -186
  480. data/lib/chef/policy_builder/expand_node_object.rb +261 -261
  481. data/lib/chef/policy_builder/policyfile.rb +571 -571
  482. data/lib/chef/powershell.rb +57 -57
  483. data/lib/chef/property.rb +731 -731
  484. data/lib/chef/provider.rb +419 -419
  485. data/lib/chef/provider/.DS_Store +0 -0
  486. data/lib/chef/provider/apt_preference.rb +94 -94
  487. data/lib/chef/provider/apt_repository.rb +360 -360
  488. data/lib/chef/provider/apt_update.rb +80 -80
  489. data/lib/chef/provider/batch.rb +45 -45
  490. data/lib/chef/provider/cookbook_file.rb +47 -47
  491. data/lib/chef/provider/cookbook_file/content.rb +49 -49
  492. data/lib/chef/provider/cron.rb +256 -256
  493. data/lib/chef/provider/cron/aix.rb +50 -50
  494. data/lib/chef/provider/cron/solaris.rb +22 -22
  495. data/lib/chef/provider/cron/unix.rb +83 -83
  496. data/lib/chef/provider/directory.rb +164 -164
  497. data/lib/chef/provider/dsc_resource.rb +209 -209
  498. data/lib/chef/provider/dsc_script.rb +185 -185
  499. data/lib/chef/provider/execute.rb +130 -133
  500. data/lib/chef/provider/file.rb +479 -479
  501. data/lib/chef/provider/file/content.rb +39 -39
  502. data/lib/chef/provider/git.rb +359 -359
  503. data/lib/chef/provider/group.rb +179 -179
  504. data/lib/chef/provider/group/aix.rb +79 -79
  505. data/lib/chef/provider/group/dscl.rb +177 -177
  506. data/lib/chef/provider/group/gpasswd.rb +58 -58
  507. data/lib/chef/provider/group/groupadd.rb +133 -133
  508. data/lib/chef/provider/group/groupmod.rb +123 -123
  509. data/lib/chef/provider/group/pw.rb +137 -137
  510. data/lib/chef/provider/group/solaris.rb +62 -62
  511. data/lib/chef/provider/group/suse.rb +82 -82
  512. data/lib/chef/provider/group/usermod.rb +87 -87
  513. data/lib/chef/provider/group/windows.rb +110 -110
  514. data/lib/chef/provider/http_request.rb +132 -132
  515. data/lib/chef/provider/ifconfig.rb +271 -271
  516. data/lib/chef/provider/ifconfig/aix.rb +94 -94
  517. data/lib/chef/provider/ifconfig/debian.rb +88 -88
  518. data/lib/chef/provider/ifconfig/redhat.rb +54 -54
  519. data/lib/chef/provider/launchd.rb +232 -231
  520. data/lib/chef/provider/link.rb +168 -168
  521. data/lib/chef/provider/log.rb +43 -43
  522. data/lib/chef/provider/lwrp_base.rb +89 -89
  523. data/lib/chef/provider/mdadm.rb +85 -85
  524. data/lib/chef/provider/mount.rb +175 -175
  525. data/lib/chef/provider/mount/aix.rb +221 -221
  526. data/lib/chef/provider/mount/mount.rb +283 -283
  527. data/lib/chef/provider/mount/solaris.rb +275 -275
  528. data/lib/chef/provider/mount/windows.rb +92 -92
  529. data/lib/chef/provider/noop.rb +37 -37
  530. data/lib/chef/provider/ohai.rb +45 -45
  531. data/lib/chef/provider/osx_profile.rb +251 -251
  532. data/lib/chef/provider/package.rb +600 -600
  533. data/lib/chef/provider/package/.DS_Store +0 -0
  534. data/lib/chef/provider/package/apt.rb +234 -234
  535. data/lib/chef/provider/package/bff.rb +142 -142
  536. data/lib/chef/provider/package/cab.rb +187 -187
  537. data/lib/chef/provider/package/chocolatey.rb +285 -285
  538. data/lib/chef/provider/package/deb.rb +131 -131
  539. data/lib/chef/provider/package/dnf.rb +196 -196
  540. data/lib/chef/provider/package/dnf/dnf_helper.py +100 -100
  541. data/lib/chef/provider/package/dnf/python_helper.rb +171 -171
  542. data/lib/chef/provider/package/dnf/version.rb +56 -56
  543. data/lib/chef/provider/package/dpkg.rb +227 -227
  544. data/lib/chef/provider/package/freebsd/.DS_Store +0 -0
  545. data/lib/chef/provider/package/freebsd/base.rb +89 -89
  546. data/lib/chef/provider/package/freebsd/pkgng.rb +76 -76
  547. data/lib/chef/provider/package/freebsd/port.rb +56 -56
  548. data/lib/chef/provider/package/homebrew.rb +138 -138
  549. data/lib/chef/provider/package/ips.rb +85 -85
  550. data/lib/chef/provider/package/macports.rb +101 -101
  551. data/lib/chef/provider/package/msu.rb +161 -161
  552. data/lib/chef/provider/package/openbsd.rb +139 -139
  553. data/lib/chef/provider/package/pacman.rb +103 -103
  554. data/lib/chef/provider/package/paludis.rb +85 -85
  555. data/lib/chef/provider/package/portage.rb +133 -133
  556. data/lib/chef/provider/package/powershell.rb +133 -133
  557. data/lib/chef/provider/package/rpm.rb +126 -126
  558. data/lib/chef/provider/package/rubygems.rb +618 -617
  559. data/lib/chef/provider/package/smartos.rb +92 -92
  560. data/lib/chef/provider/package/snap.rb +358 -358
  561. data/lib/chef/provider/package/solaris.rb +137 -137
  562. data/lib/chef/provider/package/windows.rb +317 -317
  563. data/lib/chef/provider/package/windows/exe.rb +117 -117
  564. data/lib/chef/provider/package/windows/msi.rb +96 -96
  565. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +99 -99
  566. data/lib/chef/provider/package/yum.rb +287 -289
  567. data/lib/chef/provider/package/yum/python_helper.rb +222 -222
  568. data/lib/chef/provider/package/yum/rpm_utils.rb +641 -641
  569. data/lib/chef/provider/package/yum/simplejson/LICENSE.txt +79 -79
  570. data/lib/chef/provider/package/yum/simplejson/__init__.py +318 -318
  571. data/lib/chef/provider/package/yum/simplejson/decoder.py +354 -354
  572. data/lib/chef/provider/package/yum/simplejson/encoder.py +440 -440
  573. data/lib/chef/provider/package/yum/simplejson/scanner.py +65 -65
  574. data/lib/chef/provider/package/yum/simplejson/tool.py +37 -37
  575. data/lib/chef/provider/package/yum/version.rb +60 -60
  576. data/lib/chef/provider/package/yum/yum_cache.rb +93 -93
  577. data/lib/chef/provider/package/yum/yum_helper.py +216 -211
  578. data/lib/chef/provider/package/zypper.rb +167 -167
  579. data/lib/chef/provider/powershell_script.rb +193 -193
  580. data/lib/chef/provider/reboot.rb +78 -78
  581. data/lib/chef/provider/registry_key.rb +199 -199
  582. data/lib/chef/provider/remote_directory.rb +269 -269
  583. data/lib/chef/provider/remote_file.rb +66 -66
  584. data/lib/chef/provider/remote_file/cache_control_data.rb +195 -195
  585. data/lib/chef/provider/remote_file/content.rb +81 -81
  586. data/lib/chef/provider/remote_file/fetcher.rb +60 -60
  587. data/lib/chef/provider/remote_file/ftp.rb +172 -172
  588. data/lib/chef/provider/remote_file/http.rb +143 -143
  589. data/lib/chef/provider/remote_file/local_file.rb +60 -60
  590. data/lib/chef/provider/remote_file/network_file.rb +61 -61
  591. data/lib/chef/provider/remote_file/sftp.rb +105 -105
  592. data/lib/chef/provider/resource_update.rb +52 -52
  593. data/lib/chef/provider/route.rb +248 -248
  594. data/lib/chef/provider/ruby_block.rb +40 -40
  595. data/lib/chef/provider/script.rb +117 -117
  596. data/lib/chef/provider/service.rb +252 -252
  597. data/lib/chef/provider/service/aix.rb +125 -125
  598. data/lib/chef/provider/service/aixinit.rb +117 -117
  599. data/lib/chef/provider/service/arch.rb +118 -118
  600. data/lib/chef/provider/service/debian.rb +193 -193
  601. data/lib/chef/provider/service/freebsd.rb +194 -194
  602. data/lib/chef/provider/service/gentoo.rb +70 -70
  603. data/lib/chef/provider/service/init.rb +93 -93
  604. data/lib/chef/provider/service/insserv.rb +61 -59
  605. data/lib/chef/provider/service/invokercd.rb +41 -41
  606. data/lib/chef/provider/service/macosx.rb +252 -252
  607. data/lib/chef/provider/service/openbsd.rb +216 -216
  608. data/lib/chef/provider/service/redhat.rb +126 -126
  609. data/lib/chef/provider/service/simple.rb +172 -172
  610. data/lib/chef/provider/service/solaris.rb +127 -127
  611. data/lib/chef/provider/service/systemd.rb +190 -189
  612. data/lib/chef/provider/service/upstart.rb +260 -260
  613. data/lib/chef/provider/service/windows.rb +485 -485
  614. data/lib/chef/provider/subversion.rb +227 -227
  615. data/lib/chef/provider/support/yum_repo.erb +138 -138
  616. data/lib/chef/provider/support/zypper_repo.erb +17 -17
  617. data/lib/chef/provider/systemd_unit.rb +261 -261
  618. data/lib/chef/provider/template.rb +59 -59
  619. data/lib/chef/provider/template/content.rb +93 -93
  620. data/lib/chef/provider/template_finder.rb +62 -62
  621. data/lib/chef/provider/user.rb +221 -221
  622. data/lib/chef/provider/user/aix.rb +131 -131
  623. data/lib/chef/provider/user/dscl.rb +632 -632
  624. data/lib/chef/provider/user/linux.rb +116 -116
  625. data/lib/chef/provider/user/pw.rb +105 -105
  626. data/lib/chef/provider/user/solaris.rb +160 -160
  627. data/lib/chef/provider/user/windows.rb +124 -124
  628. data/lib/chef/provider/whyrun_safe_ruby_block.rb +32 -32
  629. data/lib/chef/provider/windows_env.rb +207 -207
  630. data/lib/chef/provider/windows_path.rb +61 -61
  631. data/lib/chef/provider/windows_script.rb +75 -75
  632. data/lib/chef/provider/windows_task.rb +634 -634
  633. data/lib/chef/provider/yum_repository.rb +130 -130
  634. data/lib/chef/provider/zypper_repository.rb +170 -169
  635. data/lib/chef/provider_resolver.rb +146 -146
  636. data/lib/chef/providers.rb +147 -147
  637. data/lib/chef/recipe.rb +95 -95
  638. data/lib/chef/request_id.rb +37 -37
  639. data/lib/chef/reserved_names.rb +9 -9
  640. data/lib/chef/resource.rb +1592 -1592
  641. data/lib/chef/resource/.DS_Store +0 -0
  642. data/lib/chef/resource/action_class.rb +90 -90
  643. data/lib/chef/resource/apt_package.rb +49 -48
  644. data/lib/chef/resource/apt_preference.rb +52 -52
  645. data/lib/chef/resource/apt_repository.rb +86 -86
  646. data/lib/chef/resource/apt_update.rb +41 -41
  647. data/lib/chef/resource/archive_file.rb +172 -172
  648. data/lib/chef/resource/bash.rb +34 -34
  649. data/lib/chef/resource/batch.rb +34 -34
  650. data/lib/chef/resource/bff_package.rb +31 -31
  651. data/lib/chef/resource/breakpoint.rb +48 -48
  652. data/lib/chef/resource/build_essential.rb +143 -143
  653. data/lib/chef/resource/cab_package.rb +45 -45
  654. data/lib/chef/resource/chef_gem.rb +62 -62
  655. data/lib/chef/resource/chef_handler.rb +136 -135
  656. data/lib/chef/resource/chocolatey_config.rb +82 -82
  657. data/lib/chef/resource/chocolatey_feature.rb +80 -0
  658. data/lib/chef/resource/chocolatey_package.rb +50 -50
  659. data/lib/chef/resource/chocolatey_source.rb +129 -94
  660. data/lib/chef/resource/conditional.rb +135 -135
  661. data/lib/chef/resource/conditional_action_not_nothing.rb +48 -48
  662. data/lib/chef/resource/cookbook_file.rb +46 -46
  663. data/lib/chef/resource/cron.rb +174 -174
  664. data/lib/chef/resource/cron_access.rb +69 -69
  665. data/lib/chef/resource/cron_d.rb +238 -237
  666. data/lib/chef/resource/csh.rb +39 -39
  667. data/lib/chef/resource/directory.rb +51 -51
  668. data/lib/chef/resource/dmg_package.rb +171 -171
  669. data/lib/chef/resource/dnf_package.rb +80 -80
  670. data/lib/chef/resource/dpkg_package.rb +41 -41
  671. data/lib/chef/resource/dsc_resource.rb +121 -120
  672. data/lib/chef/resource/dsc_script.rb +125 -124
  673. data/lib/chef/resource/execute.rb +200 -200
  674. data/lib/chef/resource/file.rb +106 -106
  675. data/lib/chef/resource/file/.DS_Store +0 -0
  676. data/lib/chef/resource/file/verification.rb +139 -139
  677. data/lib/chef/resource/file/verification/systemd_unit.rb +67 -67
  678. data/lib/chef/resource/freebsd_package.rb +55 -55
  679. data/lib/chef/resource/gem_package.rb +59 -59
  680. data/lib/chef/resource/git.rb +35 -35
  681. data/lib/chef/resource/group.rb +61 -61
  682. data/lib/chef/resource/homebrew_cask.rb +103 -103
  683. data/lib/chef/resource/homebrew_package.rb +39 -39
  684. data/lib/chef/resource/homebrew_tap.rb +90 -90
  685. data/lib/chef/resource/hostname.rb +267 -267
  686. data/lib/chef/resource/http_request.rb +55 -55
  687. data/lib/chef/resource/ifconfig.rb +105 -105
  688. data/lib/chef/resource/ips_package.rb +38 -38
  689. data/lib/chef/resource/kernel_module.rb +134 -134
  690. data/lib/chef/resource/ksh.rb +39 -39
  691. data/lib/chef/resource/launchd.rb +256 -252
  692. data/lib/chef/resource/link.rb +92 -92
  693. data/lib/chef/resource/locale.rb +150 -149
  694. data/lib/chef/resource/log.rb +53 -52
  695. data/lib/chef/resource/lwrp_base.rb +123 -123
  696. data/lib/chef/resource/macos_userdefaults.rb +132 -132
  697. data/lib/chef/resource/macosx_service.rb +37 -37
  698. data/lib/chef/resource/macports_package.rb +29 -29
  699. data/lib/chef/resource/mdadm.rb +67 -67
  700. data/lib/chef/resource/mount.rb +96 -96
  701. data/lib/chef/resource/msu_package.rb +49 -49
  702. data/lib/chef/resource/ohai.rb +38 -38
  703. data/lib/chef/resource/ohai_hint.rb +97 -97
  704. data/lib/chef/resource/openbsd_package.rb +38 -38
  705. data/lib/chef/resource/openssl_dhparam.rb +77 -77
  706. data/lib/chef/resource/openssl_ec_private_key.rb +92 -92
  707. data/lib/chef/resource/openssl_ec_public_key.rb +74 -74
  708. data/lib/chef/resource/openssl_rsa_private_key.rb +91 -91
  709. data/lib/chef/resource/openssl_rsa_public_key.rb +74 -74
  710. data/lib/chef/resource/openssl_x509_certificate.rb +220 -220
  711. data/lib/chef/resource/openssl_x509_crl.rb +131 -131
  712. data/lib/chef/resource/openssl_x509_request.rb +150 -150
  713. data/lib/chef/resource/osx_profile.rb +48 -48
  714. data/lib/chef/resource/package.rb +65 -65
  715. data/lib/chef/resource/pacman_package.rb +30 -30
  716. data/lib/chef/resource/paludis_package.rb +38 -38
  717. data/lib/chef/resource/perl.rb +38 -38
  718. data/lib/chef/resource/portage_package.rb +33 -33
  719. data/lib/chef/resource/powershell_package.rb +52 -52
  720. data/lib/chef/resource/powershell_package_source.rb +168 -168
  721. data/lib/chef/resource/powershell_script.rb +95 -95
  722. data/lib/chef/resource/python.rb +36 -36
  723. data/lib/chef/resource/reboot.rb +47 -46
  724. data/lib/chef/resource/registry_key.rb +130 -130
  725. data/lib/chef/resource/remote_directory.rb +84 -84
  726. data/lib/chef/resource/remote_file.rb +181 -181
  727. data/lib/chef/resource/resource_notification.rb +139 -139
  728. data/lib/chef/resource/rhsm_errata.rb +46 -46
  729. data/lib/chef/resource/rhsm_errata_level.rb +51 -51
  730. data/lib/chef/resource/rhsm_register.rb +168 -168
  731. data/lib/chef/resource/rhsm_repo.rb +65 -65
  732. data/lib/chef/resource/rhsm_subscription.rb +98 -98
  733. data/lib/chef/resource/route.rb +56 -56
  734. data/lib/chef/resource/rpm_package.rb +33 -33
  735. data/lib/chef/resource/ruby.rb +37 -37
  736. data/lib/chef/resource/ruby_block.rb +48 -46
  737. data/lib/chef/resource/scm.rb +75 -75
  738. data/lib/chef/resource/script.rb +54 -54
  739. data/lib/chef/resource/service.rb +126 -125
  740. data/lib/chef/resource/smartos_package.rb +31 -31
  741. data/lib/chef/resource/snap_package.rb +36 -36
  742. data/lib/chef/resource/solaris_package.rb +33 -33
  743. data/lib/chef/resource/ssh_known_hosts_entry.rb +146 -145
  744. data/lib/chef/resource/subversion.rb +56 -56
  745. data/lib/chef/resource/sudo.rb +230 -230
  746. data/lib/chef/resource/support/cron.d.erb +28 -28
  747. data/lib/chef/resource/support/cron_access.erb +4 -4
  748. data/lib/chef/resource/support/ssh_known_hosts.erb +3 -3
  749. data/lib/chef/resource/support/sudoer.erb +18 -18
  750. data/lib/chef/resource/swap_file.rb +209 -209
  751. data/lib/chef/resource/sysctl.rb +151 -151
  752. data/lib/chef/resource/systemd_unit.rb +87 -86
  753. data/lib/chef/resource/template.rb +212 -212
  754. data/lib/chef/resource/timezone.rb +134 -134
  755. data/lib/chef/resource/user.rb +77 -77
  756. data/lib/chef/resource/user/aix_user.rb +31 -31
  757. data/lib/chef/resource/user/dscl_user.rb +35 -35
  758. data/lib/chef/resource/user/linux_user.rb +32 -32
  759. data/lib/chef/resource/user/pw_user.rb +31 -31
  760. data/lib/chef/resource/user/solaris_user.rb +31 -31
  761. data/lib/chef/resource/user/windows_user.rb +35 -35
  762. data/lib/chef/resource/whyrun_safe_ruby_block.rb +24 -24
  763. data/lib/chef/resource/windows_ad_join.rb +121 -120
  764. data/lib/chef/resource/windows_auto_run.rb +87 -87
  765. data/lib/chef/resource/windows_certificate.rb +332 -332
  766. data/lib/chef/resource/windows_dfs_folder.rb +75 -75
  767. data/lib/chef/resource/windows_dfs_namespace.rb +114 -114
  768. data/lib/chef/resource/windows_dfs_server.rb +76 -76
  769. data/lib/chef/resource/windows_dns_record.rb +76 -76
  770. data/lib/chef/resource/windows_dns_zone.rb +80 -80
  771. data/lib/chef/resource/windows_env.rb +49 -49
  772. data/lib/chef/resource/windows_feature.rb +90 -90
  773. data/lib/chef/resource/windows_feature_dism.rb +222 -222
  774. data/lib/chef/resource/windows_feature_powershell.rb +262 -262
  775. data/lib/chef/resource/windows_firewall_rule.rb +204 -204
  776. data/lib/chef/resource/windows_font.rb +125 -125
  777. data/lib/chef/resource/windows_package.rb +61 -61
  778. data/lib/chef/resource/windows_pagefile.rb +206 -206
  779. data/lib/chef/resource/windows_path.rb +38 -38
  780. data/lib/chef/resource/windows_printer.rb +146 -146
  781. data/lib/chef/resource/windows_printer_port.rb +136 -136
  782. data/lib/chef/resource/windows_script.rb +65 -65
  783. data/lib/chef/resource/windows_service.rb +115 -115
  784. data/lib/chef/resource/windows_share.rb +323 -323
  785. data/lib/chef/resource/windows_shortcut.rb +79 -79
  786. data/lib/chef/resource/windows_task.rb +353 -353
  787. data/lib/chef/resource/windows_uac.rb +94 -94
  788. data/lib/chef/resource/windows_workgroup.rb +113 -112
  789. data/lib/chef/resource/yum_package.rb +79 -79
  790. data/lib/chef/resource/yum_repository.rb +187 -187
  791. data/lib/chef/resource/zypper_package.rb +46 -46
  792. data/lib/chef/resource/zypper_repository.rb +103 -103
  793. data/lib/chef/resource_builder.rb +92 -92
  794. data/lib/chef/resource_collection.rb +147 -146
  795. data/lib/chef/resource_collection/resource_collection_serialization.rb +68 -68
  796. data/lib/chef/resource_collection/resource_list.rb +106 -106
  797. data/lib/chef/resource_collection/resource_set.rb +200 -200
  798. data/lib/chef/resource_collection/stepable_iterator.rb +122 -122
  799. data/lib/chef/resource_definition.rb +68 -68
  800. data/lib/chef/resource_definition_list.rb +38 -38
  801. data/lib/chef/resource_inspector.rb +108 -108
  802. data/lib/chef/resource_reporter.rb +246 -246
  803. data/lib/chef/resource_resolver.rb +160 -160
  804. data/lib/chef/resources.rb +156 -155
  805. data/lib/chef/role.rb +274 -274
  806. data/lib/chef/run_context.rb +719 -719
  807. data/lib/chef/run_context/cookbook_compiler.rb +343 -343
  808. data/lib/chef/run_list.rb +168 -168
  809. data/lib/chef/run_list/run_list_expansion.rb +236 -236
  810. data/lib/chef/run_list/run_list_item.rb +98 -98
  811. data/lib/chef/run_list/versioned_recipe_list.rb +104 -104
  812. data/lib/chef/run_lock.rb +198 -198
  813. data/lib/chef/run_status.rb +128 -128
  814. data/lib/chef/runner.rb +148 -148
  815. data/lib/chef/sandbox.rb +20 -20
  816. data/lib/chef/scan_access_control.rb +138 -138
  817. data/lib/chef/search/query.rb +182 -182
  818. data/lib/chef/server_api.rb +83 -83
  819. data/lib/chef/server_api_versions.rb +59 -59
  820. data/lib/chef/shell.rb +354 -354
  821. data/lib/chef/shell/ext.rb +594 -593
  822. data/lib/chef/shell/model_wrapper.rb +120 -120
  823. data/lib/chef/shell/shell_session.rb +311 -310
  824. data/lib/chef/train_transport.rb +126 -129
  825. data/lib/chef/user.rb +194 -194
  826. data/lib/chef/user_v1.rb +325 -325
  827. data/lib/chef/util/backup.rb +94 -94
  828. data/lib/chef/util/diff.rb +184 -184
  829. data/lib/chef/util/dsc/configuration_generator.rb +139 -139
  830. data/lib/chef/util/dsc/lcm_output_parser.rb +192 -192
  831. data/lib/chef/util/dsc/local_configuration_manager.rb +151 -151
  832. data/lib/chef/util/dsc/resource_info.rb +26 -26
  833. data/lib/chef/util/dsc/resource_store.rb +109 -109
  834. data/lib/chef/util/editor.rb +91 -91
  835. data/lib/chef/util/file_edit.rb +100 -100
  836. data/lib/chef/util/path_helper.rb +25 -25
  837. data/lib/chef/util/powershell/cmdlet.rb +173 -173
  838. data/lib/chef/util/powershell/cmdlet_result.rb +61 -61
  839. data/lib/chef/util/powershell/ps_credential.rb +41 -41
  840. data/lib/chef/util/selinux.rb +93 -93
  841. data/lib/chef/util/threaded_job_queue.rb +61 -61
  842. data/lib/chef/util/windows.rb +24 -24
  843. data/lib/chef/util/windows/logon_session.rb +129 -129
  844. data/lib/chef/util/windows/net_group.rb +78 -78
  845. data/lib/chef/util/windows/net_use.rb +81 -81
  846. data/lib/chef/util/windows/net_user.rb +172 -172
  847. data/lib/chef/util/windows/volume.rb +49 -49
  848. data/lib/chef/version.rb +36 -36
  849. data/lib/chef/version/platform.rb +62 -62
  850. data/lib/chef/version_class.rb +75 -75
  851. data/lib/chef/version_constraint.rb +118 -118
  852. data/lib/chef/version_constraint/platform.rb +28 -28
  853. data/lib/chef/version_string.rb +143 -143
  854. data/lib/chef/whitelist.rb +86 -86
  855. data/lib/chef/win32/api.rb +372 -372
  856. data/lib/chef/win32/api/crypto.rb +63 -63
  857. data/lib/chef/win32/api/error.rb +953 -953
  858. data/lib/chef/win32/api/file.rb +620 -620
  859. data/lib/chef/win32/api/installer.rb +165 -165
  860. data/lib/chef/win32/api/memory.rb +105 -105
  861. data/lib/chef/win32/api/net.rb +328 -328
  862. data/lib/chef/win32/api/process.rb +42 -42
  863. data/lib/chef/win32/api/psapi.rb +51 -51
  864. data/lib/chef/win32/api/registry.rb +51 -51
  865. data/lib/chef/win32/api/security.rb +476 -476
  866. data/lib/chef/win32/api/synchronization.rb +89 -89
  867. data/lib/chef/win32/api/system.rb +238 -238
  868. data/lib/chef/win32/api/unicode.rb +135 -135
  869. data/lib/chef/win32/crypto.rb +50 -50
  870. data/lib/chef/win32/error.rb +86 -86
  871. data/lib/chef/win32/eventlog.rb +31 -31
  872. data/lib/chef/win32/file.rb +226 -226
  873. data/lib/chef/win32/file/info.rb +99 -99
  874. data/lib/chef/win32/file/version_info.rb +93 -93
  875. data/lib/chef/win32/handle.rb +55 -55
  876. data/lib/chef/win32/memory.rb +101 -101
  877. data/lib/chef/win32/mutex.rb +116 -116
  878. data/lib/chef/win32/net.rb +326 -326
  879. data/lib/chef/win32/process.rb +97 -97
  880. data/lib/chef/win32/registry.rb +374 -374
  881. data/lib/chef/win32/security.rb +698 -698
  882. data/lib/chef/win32/security/ace.rb +123 -123
  883. data/lib/chef/win32/security/acl.rb +103 -103
  884. data/lib/chef/win32/security/securable_object.rb +109 -109
  885. data/lib/chef/win32/security/security_descriptor.rb +93 -93
  886. data/lib/chef/win32/security/sid.rb +347 -347
  887. data/lib/chef/win32/security/token.rb +72 -72
  888. data/lib/chef/win32/system.rb +62 -62
  889. data/lib/chef/win32/unicode.rb +66 -66
  890. data/lib/chef/win32/version.rb +151 -151
  891. data/lib/chef/win32_service_constants.rb +143 -143
  892. data/lib/chef/workstation_config_loader.rb +23 -23
  893. data/spec/.DS_Store +0 -0
  894. data/spec/data/.DS_Store +0 -0
  895. data/spec/data/apt/chef-integration-test-1.0/debian/changelog +5 -5
  896. data/spec/data/apt/chef-integration-test-1.0/debian/compat +1 -1
  897. data/spec/data/apt/chef-integration-test-1.0/debian/control +13 -13
  898. data/spec/data/apt/chef-integration-test-1.0/debian/copyright +34 -34
  899. data/spec/data/apt/chef-integration-test-1.0/debian/files +1 -1
  900. data/spec/data/apt/chef-integration-test-1.0/debian/rules +13 -13
  901. data/spec/data/apt/chef-integration-test-1.0/debian/source/format +1 -1
  902. data/spec/data/apt/chef-integration-test-1.1/debian/changelog +11 -11
  903. data/spec/data/apt/chef-integration-test-1.1/debian/compat +1 -1
  904. data/spec/data/apt/chef-integration-test-1.1/debian/control +13 -13
  905. data/spec/data/apt/chef-integration-test-1.1/debian/copyright +34 -34
  906. data/spec/data/apt/chef-integration-test-1.1/debian/files +1 -1
  907. data/spec/data/apt/chef-integration-test-1.1/debian/rules +13 -13
  908. data/spec/data/apt/chef-integration-test-1.1/debian/source/format +1 -1
  909. data/spec/data/apt/chef-integration-test2-1.0/debian/changelog +5 -5
  910. data/spec/data/apt/chef-integration-test2-1.0/debian/chef-integration-test2.debhelper.log +45 -45
  911. data/spec/data/apt/chef-integration-test2-1.0/debian/chef-integration-test2.substvars +1 -1
  912. data/spec/data/apt/chef-integration-test2-1.0/debian/chef-integration-test2/DEBIAN/conffiles +1 -1
  913. data/spec/data/apt/chef-integration-test2-1.0/debian/chef-integration-test2/DEBIAN/control +10 -10
  914. data/spec/data/apt/chef-integration-test2-1.0/debian/chef-integration-test2/DEBIAN/md5sums +1 -1
  915. data/spec/data/apt/chef-integration-test2-1.0/debian/compat +1 -1
  916. data/spec/data/apt/chef-integration-test2-1.0/debian/conffiles +1 -1
  917. data/spec/data/apt/chef-integration-test2-1.0/debian/control +13 -13
  918. data/spec/data/apt/chef-integration-test2-1.0/debian/copyright +34 -34
  919. data/spec/data/apt/chef-integration-test2-1.0/debian/files +1 -1
  920. data/spec/data/apt/chef-integration-test2-1.0/debian/rules +13 -13
  921. data/spec/data/apt/chef-integration-test2-1.0/debian/source/format +1 -1
  922. data/spec/data/apt/chef-integration-test2_1.0-1.dsc +18 -18
  923. data/spec/data/apt/chef-integration-test2_1.0-1_amd64.build +91 -91
  924. data/spec/data/apt/chef-integration-test2_1.0-1_amd64.changes +31 -31
  925. data/spec/data/apt/chef-integration-test_1.0-1_amd64.changes +22 -22
  926. data/spec/data/apt/chef-integration-test_1.1-1_amd64.changes +22 -22
  927. data/spec/data/apt/var/www/apt/conf/distributions +7 -7
  928. data/spec/data/apt/var/www/apt/conf/incoming +4 -4
  929. data/spec/data/apt/var/www/apt/conf/pulls +3 -3
  930. data/spec/data/apt/var/www/apt/db/version +4 -4
  931. data/spec/data/apt/var/www/apt/dists/sid/Release +19 -19
  932. data/spec/data/apt/var/www/apt/dists/sid/main/binary-amd64/Packages +16 -16
  933. data/spec/data/apt/var/www/apt/dists/sid/main/binary-amd64/Release +5 -5
  934. data/spec/data/bootstrap/encrypted_data_bag_secret +1 -1
  935. data/spec/data/bootstrap/no_proxy.erb +2 -2
  936. data/spec/data/bootstrap/secret.erb +9 -9
  937. data/spec/data/bootstrap/test-hints.erb +12 -12
  938. data/spec/data/bootstrap/test.erb +1 -1
  939. data/spec/data/cb_version_cookbooks/tatft/README.rdoc +2 -2
  940. data/spec/data/cb_version_cookbooks/tatft/attributes/default.rb +1 -1
  941. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-600hhz-0 +1 -1
  942. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-ahd2gq-0 +1 -1
  943. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-api8ux-0 +1 -1
  944. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-b0r1m1-0 +1 -1
  945. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-bfygsi-0 +1 -1
  946. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-el14l6-0 +1 -1
  947. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-ivrl3y-0 +1 -1
  948. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-kkbs85-0 +1 -1
  949. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-ory1ux-0 +1 -1
  950. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-pgsq76-0 +1 -1
  951. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-ra8uim-0 +1 -1
  952. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-t7k1g-0 +1 -1
  953. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-t8g0sv-0 +1 -1
  954. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-ufy6g3-0 +1 -1
  955. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-x2d6j9-0 +1 -1
  956. data/spec/data/checksum_cache/chef-file--tmp-chef-rendered-template20100929-10863-xi0l6h-0 +1 -1
  957. data/spec/data/client.d_00/00-foo.rb +2 -2
  958. data/spec/data/client.d_00/01-bar.rb +1 -1
  959. data/spec/data/client.d_00/02-strings.rb +2 -2
  960. data/spec/data/client.d_00/bar +1 -1
  961. data/spec/data/client.d_01/foo/bar.rb +1 -1
  962. data/spec/data/client.d_02/foo.rb/foo.txt +1 -1
  963. data/spec/data/config.rb +6 -6
  964. data/spec/data/cookbooks/.DS_Store +0 -0
  965. data/spec/data/cookbooks/angrybash/metadata.rb +2 -2
  966. data/spec/data/cookbooks/angrybash/recipes/default.rb +8 -8
  967. data/spec/data/cookbooks/apache2/files/default/apache2_module_conf_generate.pl +2 -2
  968. data/spec/data/cookbooks/apache2/metadata.rb +2 -2
  969. data/spec/data/cookbooks/apache2/recipes/default.rb +2 -2
  970. data/spec/data/cookbooks/borken/metadata.rb +2 -2
  971. data/spec/data/cookbooks/borken/recipes/default.rb +1 -1
  972. data/spec/data/cookbooks/borken/templates/default/borken.erb +1 -1
  973. data/spec/data/cookbooks/chefignore +8 -8
  974. data/spec/data/cookbooks/ignorken/files/default/not_me.rb +2 -2
  975. data/spec/data/cookbooks/ignorken/metadata.rb +2 -2
  976. data/spec/data/cookbooks/ignorken/recipes/ignoreme.rb +1 -1
  977. data/spec/data/cookbooks/ignorken/templates/ubuntu-12.10/not_me.rb +2 -2
  978. data/spec/data/cookbooks/irssi/files/default/irssi.response +2 -2
  979. data/spec/data/cookbooks/java/.DS_Store +0 -0
  980. data/spec/data/cookbooks/java/files/.DS_Store +0 -0
  981. data/spec/data/cookbooks/java/files/default/java.response +1 -1
  982. data/spec/data/cookbooks/java/metadata.rb +2 -2
  983. data/spec/data/cookbooks/name-mismatch-versionnumber/README.md +4 -4
  984. data/spec/data/cookbooks/name-mismatch-versionnumber/metadata.rb +8 -8
  985. data/spec/data/cookbooks/name-mismatch-versionnumber/recipes/default.rb +8 -8
  986. data/spec/data/cookbooks/openldap/attributes/default.rb +16 -16
  987. data/spec/data/cookbooks/openldap/attributes/smokey.rb +1 -1
  988. data/spec/data/cookbooks/openldap/definitions/client.rb +5 -5
  989. data/spec/data/cookbooks/openldap/definitions/server.rb +5 -5
  990. data/spec/data/cookbooks/openldap/files/default/.dotfile +1 -1
  991. data/spec/data/cookbooks/openldap/files/default/remotedir/.a_dotdir/.a_dotfile_in_a_dotdir +1 -1
  992. data/spec/data/cookbooks/openldap/files/default/remotedir/not_a_template.erb +2 -2
  993. data/spec/data/cookbooks/openldap/files/default/remotedir/remote_dir_file1.txt +2 -2
  994. data/spec/data/cookbooks/openldap/files/default/remotedir/remote_dir_file2.txt +2 -2
  995. data/spec/data/cookbooks/openldap/files/default/remotedir/remotesubdir/.a_dotfile +1 -1
  996. data/spec/data/cookbooks/openldap/files/default/remotedir/remotesubdir/remote_subdir_file1.txt +2 -2
  997. data/spec/data/cookbooks/openldap/files/default/remotedir/remotesubdir/remote_subdir_file2.txt +2 -2
  998. data/spec/data/cookbooks/openldap/files/default/remotedir/subdir_with_no_file_just_a_subsubdir/the_subsubdir/some_file.txt +3 -3
  999. data/spec/data/cookbooks/openldap/libraries/openldap.rb +4 -4
  1000. data/spec/data/cookbooks/openldap/libraries/openldap/version.rb +3 -3
  1001. data/spec/data/cookbooks/openldap/metadata.rb +8 -8
  1002. data/spec/data/cookbooks/openldap/recipes/default.rb +4 -4
  1003. data/spec/data/cookbooks/openldap/recipes/gigantor.rb +3 -3
  1004. data/spec/data/cookbooks/openldap/recipes/one.rb +15 -15
  1005. data/spec/data/cookbooks/openldap/recipes/return.rb +2 -2
  1006. data/spec/data/cookbooks/openldap/templates/default/helper_test.erb +1 -1
  1007. data/spec/data/cookbooks/openldap/templates/default/helpers.erb +14 -14
  1008. data/spec/data/cookbooks/openldap/templates/default/helpers_via_partial_test.erb +1 -1
  1009. data/spec/data/cookbooks/openldap/templates/default/nested_openldap_partials.erb +1 -1
  1010. data/spec/data/cookbooks/openldap/templates/default/nested_partial.erb +1 -1
  1011. data/spec/data/cookbooks/openldap/templates/default/no_windows_line_endings.erb +4 -4
  1012. data/spec/data/cookbooks/openldap/templates/default/openldap_nested_variable_stuff.erb +1 -1
  1013. data/spec/data/cookbooks/openldap/templates/default/openldap_variable_stuff.conf.erb +1 -1
  1014. data/spec/data/cookbooks/openldap/templates/default/test.erb +1 -1
  1015. data/spec/data/cookbooks/preseed/files/default/preseed-file.seed +1 -1
  1016. data/spec/data/cookbooks/preseed/files/default/preseed-template.seed +4 -4
  1017. data/spec/data/cookbooks/preseed/metadata.rb +2 -2
  1018. data/spec/data/cookbooks/preseed/templates/default/preseed-template-variables.seed +1 -1
  1019. data/spec/data/cookbooks/preseed/templates/default/preseed-template.seed +1 -1
  1020. data/spec/data/cookbooks/supports-platform-constraints/metadata.rb +5 -5
  1021. data/spec/data/cookbooks/wget/files/default/wget.response +2 -2
  1022. data/spec/data/definitions/test.rb +4 -4
  1023. data/spec/data/environment-config.rb +4 -4
  1024. data/spec/data/file-providers-method-snapshot-chef-11-4.json +127 -127
  1025. data/spec/data/fileedit/hosts +4 -4
  1026. data/spec/data/incomplete-metadata-chef-repo/incomplete-metadata/README.md +4 -4
  1027. data/spec/data/incomplete-metadata-chef-repo/incomplete-metadata/metadata.rb +13 -13
  1028. data/spec/data/incomplete-metadata-chef-repo/incomplete-metadata/recipes/default.rb +8 -8
  1029. data/spec/data/invalid-metadata-chef-repo/invalid-metadata/README.md +4 -4
  1030. data/spec/data/invalid-metadata-chef-repo/invalid-metadata/metadata.rb +9 -9
  1031. data/spec/data/invalid-metadata-chef-repo/invalid-metadata/recipes/default.rb +8 -8
  1032. data/spec/data/kitchen/chefignore +6 -6
  1033. data/spec/data/kitchen/openldap/attributes/default.rb +3 -3
  1034. data/spec/data/kitchen/openldap/attributes/robinson.rb +2 -2
  1035. data/spec/data/kitchen/openldap/definitions/client.rb +3 -3
  1036. data/spec/data/kitchen/openldap/definitions/drewbarrymore.rb +2 -2
  1037. data/spec/data/kitchen/openldap/recipes/gigantor.rb +2 -2
  1038. data/spec/data/kitchen/openldap/recipes/ignoreme.rb +2 -2
  1039. data/spec/data/kitchen/openldap/recipes/woot.rb +3 -3
  1040. data/spec/data/knife_subcommand/test_explicit_category.rb +6 -6
  1041. data/spec/data/knife_subcommand/test_name_mapping.rb +4 -4
  1042. data/spec/data/knife_subcommand/test_yourself.rb +21 -21
  1043. data/spec/data/lwrp/providers/buck_passer.rb +28 -28
  1044. data/spec/data/lwrp/providers/buck_passer_2.rb +26 -26
  1045. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +28 -28
  1046. data/spec/data/lwrp/providers/inline_compiler.rb +24 -24
  1047. data/spec/data/lwrp/providers/monkey_name_printer.rb +5 -5
  1048. data/spec/data/lwrp/providers/paint_drying_watcher.rb +7 -7
  1049. data/spec/data/lwrp/providers/thumb_twiddler.rb +7 -7
  1050. data/spec/data/lwrp/resources/bar.rb +2 -2
  1051. data/spec/data/lwrp/resources/buck_passer.rb +5 -5
  1052. data/spec/data/lwrp/resources/buck_passer_2.rb +3 -3
  1053. data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +3 -3
  1054. data/spec/data/lwrp/resources/foo.rb +4 -4
  1055. data/spec/data/lwrp/resources/inline_compiler.rb +3 -3
  1056. data/spec/data/lwrp/resources/monkey_name_printer.rb +5 -5
  1057. data/spec/data/lwrp/resources/paint_drying_watcher.rb +3 -3
  1058. data/spec/data/lwrp/resources/thumb_twiddler.rb +3 -3
  1059. data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +1 -1
  1060. data/spec/data/lwrp_override/providers/buck_passer.rb +5 -5
  1061. data/spec/data/lwrp_override/resources/foo.rb +10 -10
  1062. data/spec/data/mac_users/.DS_Store +0 -0
  1063. data/spec/data/mac_users/10.9.plist.xml +560 -560
  1064. data/spec/data/mac_users/10.9.shadow.xml +21 -21
  1065. data/spec/data/metadata/quick_start/metadata.rb +14 -14
  1066. data/spec/data/mixin/invalid_data.rb +3 -3
  1067. data/spec/data/mixin/real_data.rb +2 -2
  1068. data/spec/data/nested.json +2 -2
  1069. data/spec/data/nodes/Tim.local.json +3 -0
  1070. data/spec/data/nodes/Tims-MBP.local.json +3 -0
  1071. data/spec/data/nodes/default.rb +15 -15
  1072. data/spec/data/nodes/test.example.com.rb +17 -17
  1073. data/spec/data/nodes/test.rb +15 -15
  1074. data/spec/data/null_config.rb +1 -1
  1075. data/spec/data/object_loader/environments/test.json +7 -7
  1076. data/spec/data/object_loader/environments/test.rb +2 -2
  1077. data/spec/data/object_loader/environments/test_json_class.json +8 -8
  1078. data/spec/data/object_loader/nodes/test.json +7 -7
  1079. data/spec/data/object_loader/nodes/test.rb +2 -2
  1080. data/spec/data/object_loader/nodes/test_json_class.json +8 -8
  1081. data/spec/data/object_loader/roles/test.json +7 -7
  1082. data/spec/data/object_loader/roles/test.rb +2 -2
  1083. data/spec/data/object_loader/roles/test_json_class.json +8 -8
  1084. data/spec/data/partial_one.erb +1 -1
  1085. data/spec/data/prefer_metadata_json/metadata.json +51 -51
  1086. data/spec/data/prefer_metadata_json/metadata.rb +6 -6
  1087. data/spec/data/recipes/test.rb +7 -7
  1088. data/spec/data/root_alias_cookbooks/dup_attr/attributes.rb +1 -1
  1089. data/spec/data/root_alias_cookbooks/dup_attr/attributes/default.rb +1 -1
  1090. data/spec/data/root_alias_cookbooks/dup_attr/metadata.rb +2 -2
  1091. data/spec/data/root_alias_cookbooks/dup_attr/recipe.rb +3 -3
  1092. data/spec/data/root_alias_cookbooks/dup_recipe/attributes.rb +1 -1
  1093. data/spec/data/root_alias_cookbooks/dup_recipe/metadata.rb +2 -2
  1094. data/spec/data/root_alias_cookbooks/dup_recipe/recipe.rb +3 -3
  1095. data/spec/data/root_alias_cookbooks/dup_recipe/recipes/default.rb +3 -3
  1096. data/spec/data/root_alias_cookbooks/simple/attributes.rb +1 -1
  1097. data/spec/data/root_alias_cookbooks/simple/metadata.rb +2 -2
  1098. data/spec/data/root_alias_cookbooks/simple/recipe.rb +3 -3
  1099. data/spec/data/run_context/.DS_Store +0 -0
  1100. data/spec/data/run_context/cookbooks/.DS_Store +0 -0
  1101. data/spec/data/run_context/cookbooks/circular-dep1/attributes/default.rb +2 -2
  1102. data/spec/data/run_context/cookbooks/circular-dep1/definitions/circular_dep1_res.rb +1 -1
  1103. data/spec/data/run_context/cookbooks/circular-dep1/libraries/lib.rb +2 -2
  1104. data/spec/data/run_context/cookbooks/circular-dep1/metadata.rb +2 -2
  1105. data/spec/data/run_context/cookbooks/circular-dep1/providers/provider.rb +1 -1
  1106. data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -1
  1107. data/spec/data/run_context/cookbooks/circular-dep2/attributes/default.rb +2 -2
  1108. data/spec/data/run_context/cookbooks/circular-dep2/definitions/circular_dep2_res.rb +1 -1
  1109. data/spec/data/run_context/cookbooks/circular-dep2/libraries/lib.rb +2 -2
  1110. data/spec/data/run_context/cookbooks/circular-dep2/metadata.rb +2 -2
  1111. data/spec/data/run_context/cookbooks/circular-dep2/providers/provider.rb +1 -1
  1112. data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -1
  1113. data/spec/data/run_context/cookbooks/dependency1/attributes/aa_first.rb +2 -2
  1114. data/spec/data/run_context/cookbooks/dependency1/attributes/default.rb +2 -2
  1115. data/spec/data/run_context/cookbooks/dependency1/attributes/unparsed_file +1 -1
  1116. data/spec/data/run_context/cookbooks/dependency1/attributes/zz_last.rb +2 -2
  1117. data/spec/data/run_context/cookbooks/dependency1/definitions/dependency1_res.rb +1 -1
  1118. data/spec/data/run_context/cookbooks/dependency1/definitions/unparsed_file +1 -1
  1119. data/spec/data/run_context/cookbooks/dependency1/libraries/lib.rb +2 -2
  1120. data/spec/data/run_context/cookbooks/dependency1/libraries/unparsed_file +1 -1
  1121. data/spec/data/run_context/cookbooks/dependency1/providers/provider.rb +1 -1
  1122. data/spec/data/run_context/cookbooks/dependency1/providers/unparsed_file +1 -1
  1123. data/spec/data/run_context/cookbooks/dependency1/recipes/unparsed_file +1 -1
  1124. data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -1
  1125. data/spec/data/run_context/cookbooks/dependency1/resources/unparsed_file +1 -1
  1126. data/spec/data/run_context/cookbooks/dependency2/attributes/default.rb +2 -2
  1127. data/spec/data/run_context/cookbooks/dependency2/definitions/dependency2_res.rb +1 -1
  1128. data/spec/data/run_context/cookbooks/dependency2/libraries/lib.rb +2 -2
  1129. data/spec/data/run_context/cookbooks/dependency2/providers/provider.rb +1 -1
  1130. data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -1
  1131. data/spec/data/run_context/cookbooks/include/recipes/default.rb +24 -24
  1132. data/spec/data/run_context/cookbooks/include/recipes/includee.rb +3 -3
  1133. data/spec/data/run_context/cookbooks/no-default-attr/attributes/server.rb +2 -2
  1134. data/spec/data/run_context/cookbooks/no-default-attr/definitions/no_default-attr_res.rb +1 -1
  1135. data/spec/data/run_context/cookbooks/no-default-attr/providers/provider.rb +1 -1
  1136. data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -1
  1137. data/spec/data/run_context/cookbooks/test-with-circular-deps/attributes/default.rb +2 -2
  1138. data/spec/data/run_context/cookbooks/test-with-circular-deps/definitions/test_with-circular-deps_res.rb +1 -1
  1139. data/spec/data/run_context/cookbooks/test-with-circular-deps/libraries/lib.rb +2 -2
  1140. data/spec/data/run_context/cookbooks/test-with-circular-deps/metadata.rb +2 -2
  1141. data/spec/data/run_context/cookbooks/test-with-circular-deps/providers/provider.rb +1 -1
  1142. data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +1 -1
  1143. data/spec/data/run_context/cookbooks/test-with-deps/attributes/default.rb +2 -2
  1144. data/spec/data/run_context/cookbooks/test-with-deps/definitions/test_with-deps_res.rb +1 -1
  1145. data/spec/data/run_context/cookbooks/test-with-deps/libraries/lib.rb +1 -1
  1146. data/spec/data/run_context/cookbooks/test-with-deps/metadata.rb +3 -3
  1147. data/spec/data/run_context/cookbooks/test-with-deps/providers/provider.rb +1 -1
  1148. data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -1
  1149. data/spec/data/run_context/cookbooks/test/attributes/george.rb +1 -1
  1150. data/spec/data/run_context/cookbooks/test/definitions/new_animals.rb +9 -9
  1151. data/spec/data/run_context/cookbooks/test/definitions/new_cat.rb +5 -5
  1152. data/spec/data/run_context/cookbooks/test/definitions/test_res.rb +1 -1
  1153. data/spec/data/run_context/cookbooks/test/providers/provider.rb +1 -1
  1154. data/spec/data/run_context/cookbooks/test/recipes/default.rb +5 -5
  1155. data/spec/data/run_context/cookbooks/test/recipes/one.rb +7 -7
  1156. data/spec/data/run_context/cookbooks/test/recipes/two.rb +7 -7
  1157. data/spec/data/run_context/cookbooks/test/resources/resource.rb +1 -1
  1158. data/spec/data/run_context/nodes/run_context.rb +5 -5
  1159. data/spec/data/sample_msu1.xml +10 -10
  1160. data/spec/data/sample_msu2.xml +14 -14
  1161. data/spec/data/sample_msu3.xml +16 -16
  1162. data/spec/data/search_queries_to_transform.txt +98 -98
  1163. data/spec/data/shef-config.rb +11 -11
  1164. data/spec/data/snap_package/async_result_success.json +6 -6
  1165. data/spec/data/snap_package/change_id_result.json +175 -175
  1166. data/spec/data/snap_package/find_result_failure.json +10 -10
  1167. data/spec/data/snap_package/find_result_success.json +70 -70
  1168. data/spec/data/snap_package/get_by_name_result_failure.json +10 -10
  1169. data/spec/data/snap_package/get_by_name_result_success.json +38 -38
  1170. data/spec/data/snap_package/get_conf_success.json +10 -10
  1171. data/spec/data/snap_package/result_failure.json +9 -9
  1172. data/spec/data/ssl/5e707473.0 +18 -18
  1173. data/spec/data/ssl/chef-rspec.cert +27 -27
  1174. data/spec/data/ssl/chef-rspec.key +27 -27
  1175. data/spec/data/ssl/key.pem +15 -15
  1176. data/spec/data/ssl/private_key.pem +27 -27
  1177. data/spec/data/ssl/private_key_with_whitespace.pem +32 -32
  1178. data/spec/data/standalone_cookbook/chefignore +9 -9
  1179. data/spec/data/standalone_cookbook/recipes/default.rb +2 -2
  1180. data/spec/data/templates/failed.erb +5 -0
  1181. data/spec/data/trusted_certs/example.crt +22 -22
  1182. data/spec/data/trusted_certs/example_no_cn.crt +36 -36
  1183. data/spec/data/trusted_certs/intermediate.pem +27 -27
  1184. data/spec/data/trusted_certs/opscode.pem +57 -57
  1185. data/spec/data/trusted_certs/root.pem +22 -22
  1186. data/spec/data/trusted_certs_empty/README.md +1 -1
  1187. data/spec/data/windows_certificates/base64_test.cer +22 -22
  1188. data/spec/data/windows_certificates/test.pem +21 -21
  1189. data/spec/functional/.DS_Store +0 -0
  1190. data/spec/functional/application_spec.rb +58 -58
  1191. data/spec/functional/assets/chefinittest +36 -36
  1192. data/spec/functional/assets/inittest +36 -0
  1193. data/spec/functional/assets/testchefsubsys +10 -10
  1194. data/spec/functional/assets/yumrepo/repodata/repomd.xml +21 -21
  1195. data/spec/functional/dsl/reboot_pending_spec.rb +87 -87
  1196. data/spec/functional/dsl/registry_helper_spec.rb +61 -61
  1197. data/spec/functional/event_loggers/windows_eventlog_spec.rb +104 -104
  1198. data/spec/functional/file_content_management/deploy_strategies_spec.rb +229 -229
  1199. data/spec/functional/http/simple_spec.rb +146 -146
  1200. data/spec/functional/knife/configure_spec.rb +33 -33
  1201. data/spec/functional/knife/cookbook_delete_spec.rb +156 -156
  1202. data/spec/functional/knife/exec_spec.rb +55 -55
  1203. data/spec/functional/knife/rehash_spec.rb +39 -39
  1204. data/spec/functional/knife/smoke_test.rb +42 -42
  1205. data/spec/functional/knife/ssh_spec.rb +359 -359
  1206. data/spec/functional/mixin/from_file_spec.rb +93 -82
  1207. data/spec/functional/mixin/powershell_out_spec.rb +43 -43
  1208. data/spec/functional/mixin/shell_out_spec.rb +48 -48
  1209. data/spec/functional/mixin/user_context_spec.rb +117 -117
  1210. data/spec/functional/notifications_spec.rb +238 -238
  1211. data/spec/functional/provider/remote_file/cache_control_data_spec.rb +100 -100
  1212. data/spec/functional/provider/whyrun_safe_ruby_block_spec.rb +51 -51
  1213. data/spec/functional/rebooter_spec.rb +117 -117
  1214. data/spec/functional/resource/.DS_Store +0 -0
  1215. data/spec/functional/resource/aix_service_spec.rb +138 -138
  1216. data/spec/functional/resource/aixinit_service_spec.rb +211 -211
  1217. data/spec/functional/resource/apt_package_spec.rb +386 -386
  1218. data/spec/functional/resource/base.rb +28 -28
  1219. data/spec/functional/resource/bash_spec.rb +54 -54
  1220. data/spec/functional/resource/batch_spec.rb +34 -34
  1221. data/spec/functional/resource/bff_spec.rb +120 -120
  1222. data/spec/functional/resource/chocolatey_package_spec.rb +118 -118
  1223. data/spec/functional/resource/cookbook_file_spec.rb +81 -81
  1224. data/spec/functional/resource/cron_spec.rb +179 -179
  1225. data/spec/functional/resource/directory_spec.rb +43 -43
  1226. data/spec/functional/resource/dnf_package_spec.rb +686 -686
  1227. data/spec/functional/resource/dpkg_package_spec.rb +339 -339
  1228. data/spec/functional/resource/dsc_resource_spec.rb +90 -90
  1229. data/spec/functional/resource/dsc_script_spec.rb +484 -484
  1230. data/spec/functional/resource/execute_spec.rb +171 -171
  1231. data/spec/functional/resource/file_spec.rb +167 -167
  1232. data/spec/functional/resource/git_spec.rb +257 -257
  1233. data/spec/functional/resource/group_spec.rb +464 -464
  1234. data/spec/functional/resource/ifconfig_spec.rb +172 -172
  1235. data/spec/functional/resource/insserv_spec.rb +206 -0
  1236. data/spec/functional/resource/link_spec.rb +699 -699
  1237. data/spec/functional/resource/locale_spec.rb +97 -97
  1238. data/spec/functional/resource/mount_spec.rb +207 -207
  1239. data/spec/functional/resource/msu_package_spec.rb +98 -98
  1240. data/spec/functional/resource/ohai_spec.rb +62 -62
  1241. data/spec/functional/resource/powershell_script_spec.rb +605 -605
  1242. data/spec/functional/resource/reboot_spec.rb +103 -103
  1243. data/spec/functional/resource/registry_spec.rb +676 -676
  1244. data/spec/functional/resource/remote_directory_spec.rb +220 -220
  1245. data/spec/functional/resource/remote_file_spec.rb +424 -424
  1246. data/spec/functional/resource/rpm_spec.rb +120 -120
  1247. data/spec/functional/resource/template_spec.rb +245 -245
  1248. data/spec/functional/resource/timezone_spec.rb +39 -39
  1249. data/spec/functional/resource/user/dscl_spec.rb +188 -188
  1250. data/spec/functional/resource/user/windows_spec.rb +245 -245
  1251. data/spec/functional/resource/windows_certificate_spec.rb +492 -492
  1252. data/spec/functional/resource/windows_env_spec.rb +285 -285
  1253. data/spec/functional/resource/windows_package_spec.rb +168 -168
  1254. data/spec/functional/resource/windows_path_spec.rb +64 -64
  1255. data/spec/functional/resource/windows_service_spec.rb +102 -102
  1256. data/spec/functional/resource/windows_task_spec.rb +1969 -1969
  1257. data/spec/functional/resource/yum_package_spec.rb +978 -978
  1258. data/spec/functional/resource/zypper_package_spec.rb +233 -233
  1259. data/spec/functional/root_alias_spec.rb +78 -78
  1260. data/spec/functional/run_lock_spec.rb +473 -473
  1261. data/spec/functional/shell_spec.rb +145 -145
  1262. data/spec/functional/tiny_server_spec.rb +79 -79
  1263. data/spec/functional/util/.DS_Store +0 -0
  1264. data/spec/functional/util/path_helper_spec.rb +37 -37
  1265. data/spec/functional/util/powershell/cmdlet_spec.rb +111 -111
  1266. data/spec/functional/version_spec.rb +36 -35
  1267. data/spec/functional/win32/crypto_spec.rb +54 -54
  1268. data/spec/functional/win32/registry_spec.rb +624 -624
  1269. data/spec/functional/win32/security_spec.rb +206 -206
  1270. data/spec/functional/win32/service_manager_spec.rb +220 -220
  1271. data/spec/functional/win32/sid_spec.rb +55 -55
  1272. data/spec/functional/win32/version_info_spec.rb +50 -50
  1273. data/spec/functional/win32/versions_spec.rb +115 -115
  1274. data/spec/integration/.DS_Store +0 -0
  1275. data/spec/integration/client/client_spec.rb +722 -721
  1276. data/spec/integration/client/exit_code_spec.rb +114 -114
  1277. data/spec/integration/client/ipv6_spec.rb +134 -134
  1278. data/spec/integration/knife/chef_fs_data_store_spec.rb +556 -556
  1279. data/spec/integration/knife/chef_repo_path_spec.rb +959 -959
  1280. data/spec/integration/knife/chef_repository_file_system_spec.rb +199 -199
  1281. data/spec/integration/knife/chefignore_spec.rb +300 -300
  1282. data/spec/integration/knife/client_bulk_delete_spec.rb +130 -130
  1283. data/spec/integration/knife/client_create_spec.rb +69 -69
  1284. data/spec/integration/knife/client_delete_spec.rb +63 -63
  1285. data/spec/integration/knife/client_key_create_spec.rb +65 -65
  1286. data/spec/integration/knife/client_key_delete_spec.rb +42 -42
  1287. data/spec/integration/knife/client_key_list_spec.rb +60 -60
  1288. data/spec/integration/knife/client_key_show_spec.rb +44 -44
  1289. data/spec/integration/knife/client_list_spec.rb +48 -48
  1290. data/spec/integration/knife/client_show_spec.rb +36 -36
  1291. data/spec/integration/knife/common_options_spec.rb +173 -173
  1292. data/spec/integration/knife/config_get_profile_spec.rb +112 -112
  1293. data/spec/integration/knife/config_get_spec.rb +183 -183
  1294. data/spec/integration/knife/config_list_profiles_spec.rb +188 -188
  1295. data/spec/integration/knife/config_use_profile_spec.rb +100 -100
  1296. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +112 -112
  1297. data/spec/integration/knife/cookbook_bulk_delete_spec.rb +64 -64
  1298. data/spec/integration/knife/cookbook_download_spec.rb +71 -71
  1299. data/spec/integration/knife/cookbook_list_spec.rb +54 -54
  1300. data/spec/integration/knife/cookbook_show_spec.rb +146 -146
  1301. data/spec/integration/knife/cookbook_upload_spec.rb +90 -90
  1302. data/spec/integration/knife/data_bag_create_spec.rb +124 -124
  1303. data/spec/integration/knife/data_bag_delete_spec.rb +58 -58
  1304. data/spec/integration/knife/data_bag_edit_spec.rb +104 -104
  1305. data/spec/integration/knife/data_bag_from_file_spec.rb +115 -115
  1306. data/spec/integration/knife/data_bag_list_spec.rb +43 -43
  1307. data/spec/integration/knife/data_bag_show_spec.rb +94 -94
  1308. data/spec/integration/knife/delete_spec.rb +1017 -1017
  1309. data/spec/integration/knife/deps_spec.rb +702 -702
  1310. data/spec/integration/knife/diff_spec.rb +602 -602
  1311. data/spec/integration/knife/download_spec.rb +1333 -1333
  1312. data/spec/integration/knife/environment_compare_spec.rb +74 -74
  1313. data/spec/integration/knife/environment_create_spec.rb +40 -40
  1314. data/spec/integration/knife/environment_delete_spec.rb +36 -36
  1315. data/spec/integration/knife/environment_from_file_spec.rb +115 -115
  1316. data/spec/integration/knife/environment_list_spec.rb +41 -41
  1317. data/spec/integration/knife/environment_show_spec.rb +76 -76
  1318. data/spec/integration/knife/list_spec.rb +1059 -1059
  1319. data/spec/integration/knife/node_bulk_delete_spec.rb +51 -51
  1320. data/spec/integration/knife/node_create_spec.rb +46 -46
  1321. data/spec/integration/knife/node_delete_spec.rb +47 -47
  1322. data/spec/integration/knife/node_environment_set_spec.rb +45 -45
  1323. data/spec/integration/knife/node_from_file_spec.rb +58 -58
  1324. data/spec/integration/knife/node_list_spec.rb +44 -44
  1325. data/spec/integration/knife/node_run_list_add_spec.rb +53 -53
  1326. data/spec/integration/knife/node_run_list_remove_spec.rb +35 -35
  1327. data/spec/integration/knife/node_run_list_set_spec.rb +40 -40
  1328. data/spec/integration/knife/node_show_spec.rb +35 -35
  1329. data/spec/integration/knife/raw_spec.rb +248 -248
  1330. data/spec/integration/knife/redirection_spec.rb +54 -54
  1331. data/spec/integration/knife/role_bulk_delete_spec.rb +51 -51
  1332. data/spec/integration/knife/role_create_spec.rb +40 -40
  1333. data/spec/integration/knife/role_delete_spec.rb +47 -47
  1334. data/spec/integration/knife/role_from_file_spec.rb +95 -95
  1335. data/spec/integration/knife/role_list_spec.rb +44 -44
  1336. data/spec/integration/knife/role_show_spec.rb +50 -50
  1337. data/spec/integration/knife/search_node_spec.rb +39 -39
  1338. data/spec/integration/knife/serve_spec.rb +93 -93
  1339. data/spec/integration/knife/show_spec.rb +167 -167
  1340. data/spec/integration/knife/upload_spec.rb +1540 -1540
  1341. data/spec/integration/recipes/accumulator_spec.rb +232 -232
  1342. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +171 -171
  1343. data/spec/integration/recipes/lwrp_spec.rb +53 -53
  1344. data/spec/integration/recipes/noop_resource_spec.rb +24 -24
  1345. data/spec/integration/recipes/notifies_spec.rb +394 -394
  1346. data/spec/integration/recipes/notifying_block_spec.rb +111 -111
  1347. data/spec/integration/recipes/provider_choice.rb +37 -37
  1348. data/spec/integration/recipes/recipe_dsl_spec.rb +1373 -1373
  1349. data/spec/integration/recipes/remote_directory.rb +74 -74
  1350. data/spec/integration/recipes/resource_action_spec.rb +504 -504
  1351. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +552 -552
  1352. data/spec/integration/recipes/resource_load_spec.rb +192 -192
  1353. data/spec/integration/solo/solo_spec.rb +218 -217
  1354. data/spec/rcov.opts +2 -2
  1355. data/spec/scripts/ssl-serve.rb +47 -47
  1356. data/spec/spec_helper.rb +327 -326
  1357. data/spec/stress/.DS_Store +0 -0
  1358. data/spec/stress/win32/file_spec.rb +37 -37
  1359. data/spec/stress/win32/memory_spec.rb +22 -22
  1360. data/spec/stress/win32/security_spec.rb +69 -69
  1361. data/spec/support/.DS_Store +0 -0
  1362. data/spec/support/chef_helpers.rb +114 -114
  1363. data/spec/support/key_helpers.rb +104 -104
  1364. data/spec/support/lib/chef/provider/easy.rb +35 -35
  1365. data/spec/support/lib/chef/provider/openldap_includer.rb +29 -29
  1366. data/spec/support/lib/chef/provider/snakeoil.rb +42 -42
  1367. data/spec/support/lib/chef/resource/cat.rb +39 -39
  1368. data/spec/support/lib/chef/resource/one_two_three_four.rb +36 -36
  1369. data/spec/support/lib/chef/resource/openldap_includer.rb +28 -28
  1370. data/spec/support/lib/chef/resource/with_state.rb +30 -30
  1371. data/spec/support/lib/chef/resource/zen_follower.rb +35 -35
  1372. data/spec/support/lib/chef/resource/zen_master.rb +40 -40
  1373. data/spec/support/lib/library_load_order.rb +20 -20
  1374. data/spec/support/matchers/leak.rb +98 -98
  1375. data/spec/support/mock/constant.rb +52 -52
  1376. data/spec/support/mock/platform.rb +25 -25
  1377. data/spec/support/platform_helpers.rb +255 -251
  1378. data/spec/support/platforms/prof/gc.rb +51 -51
  1379. data/spec/support/platforms/prof/win32.rb +45 -45
  1380. data/spec/support/platforms/win32/spec_service.rb +59 -59
  1381. data/spec/support/shared/context/config.rb +21 -21
  1382. data/spec/support/shared/context/win32.rb +34 -34
  1383. data/spec/support/shared/functional/diff_disabled.rb +10 -10
  1384. data/spec/support/shared/functional/directory_resource.rb +178 -178
  1385. data/spec/support/shared/functional/execute_resource.rb +150 -150
  1386. data/spec/support/shared/functional/file_resource.rb +1050 -1050
  1387. data/spec/support/shared/functional/http.rb +248 -248
  1388. data/spec/support/shared/functional/knife.rb +37 -37
  1389. data/spec/support/shared/functional/securable_resource.rb +578 -578
  1390. data/spec/support/shared/functional/securable_resource_with_reporting.rb +394 -394
  1391. data/spec/support/shared/functional/win32_service.rb +57 -57
  1392. data/spec/support/shared/functional/windows_script.rb +272 -272
  1393. data/spec/support/shared/integration/app_server_support.rb +40 -40
  1394. data/spec/support/shared/integration/integration_helper.rb +154 -154
  1395. data/spec/support/shared/integration/knife_support.rb +196 -196
  1396. data/spec/support/shared/matchers/exit_with_code.rb +32 -32
  1397. data/spec/support/shared/matchers/match_environment_variable.rb +17 -17
  1398. data/spec/support/shared/shared_examples.rb +14 -14
  1399. data/spec/support/shared/unit/api_error_inspector.rb +190 -190
  1400. data/spec/support/shared/unit/api_versioning.rb +77 -77
  1401. data/spec/support/shared/unit/application_dot_d.rb +75 -75
  1402. data/spec/support/shared/unit/execute_resource.rb +168 -168
  1403. data/spec/support/shared/unit/file_system_support.rb +69 -69
  1404. data/spec/support/shared/unit/knife_shared.rb +39 -39
  1405. data/spec/support/shared/unit/mock_shellout.rb +49 -49
  1406. data/spec/support/shared/unit/platform_introspector.rb +189 -189
  1407. data/spec/support/shared/unit/provider/file.rb +854 -854
  1408. data/spec/support/shared/unit/provider/package/package_shared.rb +95 -95
  1409. data/spec/support/shared/unit/provider/useradd_based_user_provider.rb +402 -402
  1410. data/spec/support/shared/unit/resource/static_provider_resolution.rb +63 -63
  1411. data/spec/support/shared/unit/script_resource.rb +90 -90
  1412. data/spec/support/shared/unit/user_and_client_shared.rb +114 -114
  1413. data/spec/support/shared/unit/windows_script_resource.rb +80 -80
  1414. data/spec/tiny_server.rb +191 -191
  1415. data/spec/unit/.DS_Store +0 -0
  1416. data/spec/unit/action_collection_spec.rb +19 -19
  1417. data/spec/unit/api_client/registration_spec.rb +278 -278
  1418. data/spec/unit/api_client_spec.rb +341 -341
  1419. data/spec/unit/api_client_v1_spec.rb +455 -455
  1420. data/spec/unit/application/apply_spec.rb +113 -113
  1421. data/spec/unit/application/client_spec.rb +595 -595
  1422. data/spec/unit/application/exit_code_spec.rb +134 -134
  1423. data/spec/unit/application/knife_spec.rb +225 -225
  1424. data/spec/unit/application/solo_spec.rb +221 -220
  1425. data/spec/unit/application_spec.rb +581 -493
  1426. data/spec/unit/chef_class_spec.rb +240 -240
  1427. data/spec/unit/chef_fs/config_spec.rb +235 -235
  1428. data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +82 -82
  1429. data/spec/unit/chef_fs/data_handler/data_handler_base_spec.rb +65 -65
  1430. data/spec/unit/chef_fs/data_handler/group_handler_spec.rb +63 -63
  1431. data/spec/unit/chef_fs/diff_spec.rb +328 -328
  1432. data/spec/unit/chef_fs/file_pattern_spec.rb +512 -512
  1433. data/spec/unit/chef_fs/file_system/cookbook_subdir_spec.rb +34 -34
  1434. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +47 -47
  1435. data/spec/unit/chef_fs/file_system/repository/base_file_spec.rb +126 -126
  1436. data/spec/unit/chef_fs/file_system/repository/directory_spec.rb +175 -175
  1437. data/spec/unit/chef_fs/file_system_spec.rb +148 -148
  1438. data/spec/unit/chef_fs/parallelizer.rb +475 -475
  1439. data/spec/unit/chef_fs/path_util_spec.rb +108 -108
  1440. data/spec/unit/chef_spec.rb +25 -25
  1441. data/spec/unit/client_spec.rb +785 -785
  1442. data/spec/unit/config_fetcher_spec.rb +125 -125
  1443. data/spec/unit/config_spec.rb +31 -31
  1444. data/spec/unit/cookbook/chefignore_spec.rb +49 -49
  1445. data/spec/unit/cookbook/cookbook_version_loader_spec.rb +210 -210
  1446. data/spec/unit/cookbook/file_vendor_spec.rb +123 -123
  1447. data/spec/unit/cookbook/gem_installer_spec.rb +92 -92
  1448. data/spec/unit/cookbook/manifest_v0_spec.rb +133 -133
  1449. data/spec/unit/cookbook/manifest_v2_spec.rb +70 -70
  1450. data/spec/unit/cookbook/metadata_spec.rb +600 -600
  1451. data/spec/unit/cookbook/synchronizer_spec.rb +558 -557
  1452. data/spec/unit/cookbook/syntax_check_spec.rb +226 -226
  1453. data/spec/unit/cookbook_loader_spec.rb +265 -265
  1454. data/spec/unit/cookbook_manifest_spec.rb +228 -228
  1455. data/spec/unit/cookbook_site_streaming_uploader_spec.rb +199 -199
  1456. data/spec/unit/cookbook_spec.rb +62 -62
  1457. data/spec/unit/cookbook_uploader_spec.rb +199 -199
  1458. data/spec/unit/cookbook_version_file_specificity_spec.rb +623 -623
  1459. data/spec/unit/cookbook_version_spec.rb +250 -250
  1460. data/spec/unit/daemon_spec.rb +183 -183
  1461. data/spec/unit/data_bag_item_spec.rb +392 -392
  1462. data/spec/unit/data_bag_spec.rb +260 -260
  1463. data/spec/unit/data_collector_spec.rb +882 -882
  1464. data/spec/unit/decorator/lazy_array_spec.rb +58 -58
  1465. data/spec/unit/decorator/lazy_spec.rb +39 -39
  1466. data/spec/unit/decorator_spec.rb +142 -142
  1467. data/spec/unit/deprecated_spec.rb +65 -65
  1468. data/spec/unit/deprecation_spec.rb +129 -129
  1469. data/spec/unit/digester_spec.rb +49 -49
  1470. data/spec/unit/dsl/data_query_spec.rb +107 -107
  1471. data/spec/unit/dsl/declare_resource_spec.rb +374 -374
  1472. data/spec/unit/dsl/platform_introspection_spec.rb +129 -129
  1473. data/spec/unit/dsl/reboot_pending_spec.rb +87 -87
  1474. data/spec/unit/dsl/recipe_spec.rb +76 -76
  1475. data/spec/unit/dsl/registry_helper_spec.rb +52 -52
  1476. data/spec/unit/dsl/resources_spec.rb +85 -85
  1477. data/spec/unit/encrypted_data_bag_item/check_encrypted_spec.rb +96 -96
  1478. data/spec/unit/encrypted_data_bag_item_spec.rb +438 -438
  1479. data/spec/unit/environment_spec.rb +472 -470
  1480. data/spec/unit/event_dispatch/dispatcher_spec.rb +169 -169
  1481. data/spec/unit/event_dispatch/dsl_spec.rb +83 -83
  1482. data/spec/unit/exceptions_spec.rb +132 -132
  1483. data/spec/unit/file_access_control_spec.rb +308 -308
  1484. data/spec/unit/file_cache_spec.rb +114 -114
  1485. data/spec/unit/file_content_management/deploy/cp_spec.rb +44 -44
  1486. data/spec/unit/file_content_management/deploy/mv_unix_spec.rb +113 -113
  1487. data/spec/unit/file_content_management/deploy/mv_windows_spec.rb +232 -232
  1488. data/spec/unit/file_content_management/tempfile_spec.rb +115 -115
  1489. data/spec/unit/formatters/base_spec.rb +100 -100
  1490. data/spec/unit/formatters/doc_spec.rb +92 -92
  1491. data/spec/unit/formatters/error_description_spec.rb +141 -141
  1492. data/spec/unit/formatters/error_inspectors/api_error_formatting_spec.rb +76 -76
  1493. data/spec/unit/formatters/error_inspectors/compile_error_inspector_spec.rb +265 -265
  1494. data/spec/unit/formatters/error_inspectors/cookbook_resolve_error_inspector_spec.rb +126 -126
  1495. data/spec/unit/formatters/error_inspectors/cookbook_sync_error_inspector_spec.rb +43 -43
  1496. data/spec/unit/formatters/error_inspectors/node_load_error_inspector_spec.rb +26 -26
  1497. data/spec/unit/formatters/error_inspectors/registration_error_inspector_spec.rb +26 -26
  1498. data/spec/unit/formatters/error_inspectors/resource_failure_inspector_spec.rb +191 -191
  1499. data/spec/unit/formatters/error_inspectors/run_list_expansion_error_inspector_spec.rb +91 -91
  1500. data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +155 -155
  1501. data/spec/unit/guard_interpreter_spec.rb +41 -41
  1502. data/spec/unit/handler/json_file_spec.rb +63 -63
  1503. data/spec/unit/handler_spec.rb +302 -302
  1504. data/spec/unit/http/api_versions_spec.rb +82 -82
  1505. data/spec/unit/http/authenticator_spec.rb +125 -125
  1506. data/spec/unit/http/basic_client_spec.rb +72 -72
  1507. data/spec/unit/http/http_request_spec.rb +97 -97
  1508. data/spec/unit/http/json_input_spec.rb +128 -128
  1509. data/spec/unit/http/simple_spec.rb +32 -32
  1510. data/spec/unit/http/socketless_chef_zero_client_spec.rb +174 -174
  1511. data/spec/unit/http/ssl_policies_spec.rb +169 -169
  1512. data/spec/unit/http/validate_content_length_spec.rb +207 -207
  1513. data/spec/unit/http_spec.rb +229 -229
  1514. data/spec/unit/json_compat_spec.rb +73 -73
  1515. data/spec/unit/key_spec.rb +631 -631
  1516. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +152 -152
  1517. data/spec/unit/knife/bootstrap/client_builder_spec.rb +207 -207
  1518. data/spec/unit/knife/bootstrap/train_connector_spec.rb +226 -216
  1519. data/spec/unit/knife/bootstrap_spec.rb +2167 -2197
  1520. data/spec/unit/knife/client_bulk_delete_spec.rb +166 -166
  1521. data/spec/unit/knife/client_create_spec.rb +169 -169
  1522. data/spec/unit/knife/client_delete_spec.rb +99 -99
  1523. data/spec/unit/knife/client_edit_spec.rb +53 -53
  1524. data/spec/unit/knife/client_list_spec.rb +34 -34
  1525. data/spec/unit/knife/client_reregister_spec.rb +62 -62
  1526. data/spec/unit/knife/client_show_spec.rb +52 -52
  1527. data/spec/unit/knife/configure_client_spec.rb +81 -81
  1528. data/spec/unit/knife/configure_spec.rb +190 -190
  1529. data/spec/unit/knife/cookbook_bulk_delete_spec.rb +87 -87
  1530. data/spec/unit/knife/cookbook_delete_spec.rb +239 -239
  1531. data/spec/unit/knife/cookbook_download_spec.rb +255 -255
  1532. data/spec/unit/knife/cookbook_list_spec.rb +88 -88
  1533. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +65 -65
  1534. data/spec/unit/knife/cookbook_metadata_spec.rb +182 -182
  1535. data/spec/unit/knife/cookbook_show_spec.rb +253 -253
  1536. data/spec/unit/knife/cookbook_upload_spec.rb +304 -304
  1537. data/spec/unit/knife/core/bootstrap_context_spec.rb +307 -307
  1538. data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +187 -187
  1539. data/spec/unit/knife/core/gem_glob_loader_spec.rb +209 -209
  1540. data/spec/unit/knife/core/hashed_command_loader_spec.rb +110 -110
  1541. data/spec/unit/knife/core/node_editor_spec.rb +211 -211
  1542. data/spec/unit/knife/core/object_loader_spec.rb +81 -81
  1543. data/spec/unit/knife/core/subcommand_loader_spec.rb +64 -64
  1544. data/spec/unit/knife/core/ui_spec.rb +639 -639
  1545. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +278 -278
  1546. data/spec/unit/knife/data_bag_create_spec.rb +175 -175
  1547. data/spec/unit/knife/data_bag_edit_spec.rb +126 -126
  1548. data/spec/unit/knife/data_bag_from_file_spec.rb +173 -173
  1549. data/spec/unit/knife/data_bag_secret_options_spec.rb +165 -165
  1550. data/spec/unit/knife/data_bag_show_spec.rb +138 -138
  1551. data/spec/unit/knife/environment_compare_spec.rb +112 -112
  1552. data/spec/unit/knife/environment_create_spec.rb +91 -91
  1553. data/spec/unit/knife/environment_delete_spec.rb +71 -71
  1554. data/spec/unit/knife/environment_edit_spec.rb +79 -79
  1555. data/spec/unit/knife/environment_from_file_spec.rb +90 -90
  1556. data/spec/unit/knife/environment_list_spec.rb +54 -54
  1557. data/spec/unit/knife/environment_show_spec.rb +52 -52
  1558. data/spec/unit/knife/key_create_spec.rb +223 -223
  1559. data/spec/unit/knife/key_delete_spec.rb +133 -133
  1560. data/spec/unit/knife/key_edit_spec.rb +264 -264
  1561. data/spec/unit/knife/key_helper.rb +74 -74
  1562. data/spec/unit/knife/key_list_spec.rb +216 -216
  1563. data/spec/unit/knife/key_show_spec.rb +126 -126
  1564. data/spec/unit/knife/node_bulk_delete_spec.rb +94 -94
  1565. data/spec/unit/knife/node_delete_spec.rb +77 -77
  1566. data/spec/unit/knife/node_edit_spec.rb +116 -116
  1567. data/spec/unit/knife/node_environment_set_spec.rb +56 -56
  1568. data/spec/unit/knife/node_from_file_spec.rb +59 -59
  1569. data/spec/unit/knife/node_list_spec.rb +62 -62
  1570. data/spec/unit/knife/node_policy_set_spec.rb +122 -122
  1571. data/spec/unit/knife/node_run_list_add_spec.rb +145 -145
  1572. data/spec/unit/knife/node_run_list_remove_spec.rb +106 -106
  1573. data/spec/unit/knife/node_run_list_set_spec.rb +115 -115
  1574. data/spec/unit/knife/node_show_spec.rb +65 -65
  1575. data/spec/unit/knife/raw_spec.rb +43 -43
  1576. data/spec/unit/knife/role_bulk_delete_spec.rb +80 -80
  1577. data/spec/unit/knife/role_create_spec.rb +80 -80
  1578. data/spec/unit/knife/role_delete_spec.rb +67 -67
  1579. data/spec/unit/knife/role_edit_spec.rb +77 -77
  1580. data/spec/unit/knife/role_env_run_list_add_spec.rb +217 -217
  1581. data/spec/unit/knife/role_env_run_list_clear_spec.rb +94 -94
  1582. data/spec/unit/knife/role_env_run_list_remove_spec.rb +102 -102
  1583. data/spec/unit/knife/role_env_run_list_replace_spec.rb +105 -105
  1584. data/spec/unit/knife/role_env_run_list_set_spec.rb +99 -99
  1585. data/spec/unit/knife/role_from_file_spec.rb +69 -69
  1586. data/spec/unit/knife/role_list_spec.rb +54 -54
  1587. data/spec/unit/knife/role_run_list_add_spec.rb +179 -179
  1588. data/spec/unit/knife/role_run_list_clear_spec.rb +84 -84
  1589. data/spec/unit/knife/role_run_list_remove_spec.rb +92 -92
  1590. data/spec/unit/knife/role_run_list_replace_spec.rb +98 -98
  1591. data/spec/unit/knife/role_run_list_set_spec.rb +89 -89
  1592. data/spec/unit/knife/role_show_spec.rb +59 -59
  1593. data/spec/unit/knife/ssh_spec.rb +496 -496
  1594. data/spec/unit/knife/ssl_check_spec.rb +256 -256
  1595. data/spec/unit/knife/ssl_fetch_spec.rb +222 -222
  1596. data/spec/unit/knife/status_spec.rb +111 -111
  1597. data/spec/unit/knife/supermarket_download_spec.rb +152 -152
  1598. data/spec/unit/knife/supermarket_install_spec.rb +201 -201
  1599. data/spec/unit/knife/supermarket_share_spec.rb +209 -209
  1600. data/spec/unit/knife/supermarket_unshare_spec.rb +78 -78
  1601. data/spec/unit/knife/tag_create_spec.rb +23 -23
  1602. data/spec/unit/knife/tag_delete_spec.rb +25 -25
  1603. data/spec/unit/knife/tag_list_spec.rb +23 -23
  1604. data/spec/unit/knife/user_create_spec.rb +184 -184
  1605. data/spec/unit/knife/user_delete_spec.rb +46 -46
  1606. data/spec/unit/knife/user_edit_spec.rb +48 -48
  1607. data/spec/unit/knife/user_list_spec.rb +36 -36
  1608. data/spec/unit/knife/user_reregister_spec.rb +56 -56
  1609. data/spec/unit/knife/user_show_spec.rb +46 -46
  1610. data/spec/unit/knife_spec.rb +616 -613
  1611. data/spec/unit/log/syslog_spec.rb +51 -51
  1612. data/spec/unit/log/winevt_spec.rb +54 -54
  1613. data/spec/unit/log_spec.rb +24 -24
  1614. data/spec/unit/lwrp_spec.rb +690 -690
  1615. data/spec/unit/mash_spec.rb +51 -51
  1616. data/spec/unit/mixin/api_version_request_handling_spec.rb +126 -126
  1617. data/spec/unit/mixin/checksum_spec.rb +54 -54
  1618. data/spec/unit/mixin/convert_to_class_name_spec.rb +54 -54
  1619. data/spec/unit/mixin/deep_merge_spec.rb +342 -342
  1620. data/spec/unit/mixin/deprecation_spec.rb +57 -57
  1621. data/spec/unit/mixin/enforce_ownership_and_permissions_spec.rb +96 -96
  1622. data/spec/unit/mixin/homebrew_user_spec.rb +96 -96
  1623. data/spec/unit/mixin/lazy_module_include.rb +71 -71
  1624. data/spec/unit/mixin/openssl_helper_spec.rb +857 -857
  1625. data/spec/unit/mixin/params_validate_spec.rb +421 -421
  1626. data/spec/unit/mixin/path_sanity_spec.rb +92 -92
  1627. data/spec/unit/mixin/powershell_exec_spec.rb +43 -43
  1628. data/spec/unit/mixin/powershell_out_spec.rb +94 -94
  1629. data/spec/unit/mixin/powershell_type_coercions_spec.rb +84 -84
  1630. data/spec/unit/mixin/properties_spec.rb +107 -107
  1631. data/spec/unit/mixin/proxified_socket_spec.rb +97 -97
  1632. data/spec/unit/mixin/securable_spec.rb +314 -314
  1633. data/spec/unit/mixin/shell_out_spec.rb +318 -318
  1634. data/spec/unit/mixin/subclass_directive_spec.rb +45 -45
  1635. data/spec/unit/mixin/template_spec.rb +321 -276
  1636. data/spec/unit/mixin/unformatter_spec.rb +61 -61
  1637. data/spec/unit/mixin/uris_spec.rb +57 -57
  1638. data/spec/unit/mixin/user_context_spec.rb +108 -108
  1639. data/spec/unit/mixin/versioned_api_spec.rb +128 -128
  1640. data/spec/unit/mixin/which.rb +160 -160
  1641. data/spec/unit/mixin/windows_architecture_helper_spec.rb +85 -85
  1642. data/spec/unit/mixin/xml_escape_spec.rb +54 -54
  1643. data/spec/unit/monkey_patches/uri_spec.rb +34 -34
  1644. data/spec/unit/monologger_spec.rb +45 -45
  1645. data/spec/unit/node/attribute_spec.rb +1300 -1300
  1646. data/spec/unit/node/immutable_collections_spec.rb +326 -326
  1647. data/spec/unit/node/vivid_mash_spec.rb +458 -458
  1648. data/spec/unit/node_map_spec.rb +276 -276
  1649. data/spec/unit/node_spec.rb +1843 -1843
  1650. data/spec/unit/org_spec.rb +196 -196
  1651. data/spec/unit/platform/query_helpers_spec.rb +207 -207
  1652. data/spec/unit/policy_builder/dynamic_spec.rb +261 -261
  1653. data/spec/unit/policy_builder/expand_node_object_spec.rb +311 -311
  1654. data/spec/unit/policy_builder/policyfile_spec.rb +872 -872
  1655. data/spec/unit/policy_builder_spec.rb +26 -26
  1656. data/spec/unit/property/state_spec.rb +508 -508
  1657. data/spec/unit/property/validation_spec.rb +758 -758
  1658. data/spec/unit/property_spec.rb +1324 -1324
  1659. data/spec/unit/provider/apt_preference_spec.rb +87 -87
  1660. data/spec/unit/provider/apt_repository_spec.rb +254 -254
  1661. data/spec/unit/provider/apt_update_spec.rb +116 -116
  1662. data/spec/unit/provider/cookbook_file/content_spec.rb +39 -39
  1663. data/spec/unit/provider/cookbook_file_spec.rb +59 -59
  1664. data/spec/unit/provider/cron/unix_spec.rb +144 -144
  1665. data/spec/unit/provider/cron_spec.rb +1084 -1084
  1666. data/spec/unit/provider/directory_spec.rb +300 -300
  1667. data/spec/unit/provider/dsc_resource_spec.rb +343 -343
  1668. data/spec/unit/provider/dsc_script_spec.rb +173 -173
  1669. data/spec/unit/provider/execute_spec.rb +251 -251
  1670. data/spec/unit/provider/file/content_spec.rb +114 -114
  1671. data/spec/unit/provider/file_spec.rb +57 -57
  1672. data/spec/unit/provider/git_spec.rb +782 -782
  1673. data/spec/unit/provider/group/dscl_spec.rb +339 -339
  1674. data/spec/unit/provider/group/gpasswd_spec.rb +119 -119
  1675. data/spec/unit/provider/group/groupadd_spec.rb +194 -194
  1676. data/spec/unit/provider/group/groupmod_spec.rb +136 -136
  1677. data/spec/unit/provider/group/pw_spec.rb +141 -141
  1678. data/spec/unit/provider/group/solaris_spec.rb +106 -106
  1679. data/spec/unit/provider/group/suse_spec.rb +90 -90
  1680. data/spec/unit/provider/group/usermod_spec.rb +112 -112
  1681. data/spec/unit/provider/group/windows_spec.rb +124 -124
  1682. data/spec/unit/provider/group_spec.rb +286 -286
  1683. data/spec/unit/provider/http_request_spec.rb +159 -159
  1684. data/spec/unit/provider/ifconfig/aix_spec.rb +180 -180
  1685. data/spec/unit/provider/ifconfig/debian_spec.rb +332 -332
  1686. data/spec/unit/provider/ifconfig/redhat_spec.rb +83 -83
  1687. data/spec/unit/provider/ifconfig_spec.rb +206 -206
  1688. data/spec/unit/provider/launchd_spec.rb +268 -268
  1689. data/spec/unit/provider/link_spec.rb +409 -409
  1690. data/spec/unit/provider/log_spec.rb +94 -94
  1691. data/spec/unit/provider/mdadm_spec.rb +140 -140
  1692. data/spec/unit/provider/mount/aix_spec.rb +277 -277
  1693. data/spec/unit/provider/mount/mount_spec.rb +527 -527
  1694. data/spec/unit/provider/mount/solaris_spec.rb +822 -822
  1695. data/spec/unit/provider/mount/windows_spec.rb +149 -149
  1696. data/spec/unit/provider/mount_spec.rb +191 -191
  1697. data/spec/unit/provider/ohai_spec.rb +84 -84
  1698. data/spec/unit/provider/osx_profile_spec.rb +257 -257
  1699. data/spec/unit/provider/package/apt_spec.rb +632 -632
  1700. data/spec/unit/provider/package/bff_spec.rb +187 -187
  1701. data/spec/unit/provider/package/cab_spec.rb +272 -272
  1702. data/spec/unit/provider/package/chocolatey_spec.rb +507 -507
  1703. data/spec/unit/provider/package/deb_spec.rb +135 -135
  1704. data/spec/unit/provider/package/dnf/python_helper_spec.rb +29 -29
  1705. data/spec/unit/provider/package/dpkg_spec.rb +314 -314
  1706. data/spec/unit/provider/package/freebsd/pkgng_spec.rb +147 -147
  1707. data/spec/unit/provider/package/freebsd/port_spec.rb +151 -151
  1708. data/spec/unit/provider/package/homebrew_spec.rb +293 -293
  1709. data/spec/unit/provider/package/ips_spec.rb +233 -233
  1710. data/spec/unit/provider/package/macports_spec.rb +203 -203
  1711. data/spec/unit/provider/package/msu_spec.rb +283 -283
  1712. data/spec/unit/provider/package/openbsd_spec.rb +132 -132
  1713. data/spec/unit/provider/package/pacman_spec.rb +194 -194
  1714. data/spec/unit/provider/package/paludis_spec.rb +134 -134
  1715. data/spec/unit/provider/package/portage_spec.rb +179 -179
  1716. data/spec/unit/provider/package/powershell_spec.rb +501 -501
  1717. data/spec/unit/provider/package/rpm_spec.rb +440 -440
  1718. data/spec/unit/provider/package/rubygems_spec.rb +981 -981
  1719. data/spec/unit/provider/package/smartos_spec.rb +110 -110
  1720. data/spec/unit/provider/package/snap_spec.rb +208 -208
  1721. data/spec/unit/provider/package/solaris_spec.rb +167 -167
  1722. data/spec/unit/provider/package/windows/exe_spec.rb +201 -201
  1723. data/spec/unit/provider/package/windows/msi_spec.rb +168 -168
  1724. data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +78 -78
  1725. data/spec/unit/provider/package/windows_spec.rb +463 -463
  1726. data/spec/unit/provider/package/yum/python_helper_spec.rb +29 -29
  1727. data/spec/unit/provider/package/yum/yum_cache_spec.rb +109 -109
  1728. data/spec/unit/provider/package/zypper_spec.rb +478 -478
  1729. data/spec/unit/provider/package_spec.rb +791 -791
  1730. data/spec/unit/provider/powershell_script_spec.rb +125 -125
  1731. data/spec/unit/provider/registry_key_spec.rb +487 -487
  1732. data/spec/unit/provider/remote_directory_spec.rb +236 -236
  1733. data/spec/unit/provider/remote_file/cache_control_data_spec.rb +245 -245
  1734. data/spec/unit/provider/remote_file/content_spec.rb +253 -253
  1735. data/spec/unit/provider/remote_file/fetcher_spec.rb +95 -95
  1736. data/spec/unit/provider/remote_file/ftp_spec.rb +217 -217
  1737. data/spec/unit/provider/remote_file/http_spec.rb +324 -324
  1738. data/spec/unit/provider/remote_file/local_file_spec.rb +105 -105
  1739. data/spec/unit/provider/remote_file/network_file_spec.rb +50 -50
  1740. data/spec/unit/provider/remote_file/sftp_spec.rb +150 -150
  1741. data/spec/unit/provider/remote_file_spec.rb +62 -62
  1742. data/spec/unit/provider/route_spec.rb +270 -270
  1743. data/spec/unit/provider/ruby_block_spec.rb +45 -45
  1744. data/spec/unit/provider/script_spec.rb +157 -157
  1745. data/spec/unit/provider/service/aix_service_spec.rb +195 -195
  1746. data/spec/unit/provider/service/aixinit_service_spec.rb +272 -272
  1747. data/spec/unit/provider/service/arch_service_spec.rb +324 -324
  1748. data/spec/unit/provider/service/debian_service_spec.rb +249 -249
  1749. data/spec/unit/provider/service/freebsd_service_spec.rb +617 -617
  1750. data/spec/unit/provider/service/gentoo_service_spec.rb +144 -144
  1751. data/spec/unit/provider/service/init_service_spec.rb +235 -235
  1752. data/spec/unit/provider/service/insserv_service_spec.rb +75 -75
  1753. data/spec/unit/provider/service/invokercd_service_spec.rb +211 -211
  1754. data/spec/unit/provider/service/macosx_spec.rb +340 -340
  1755. data/spec/unit/provider/service/openbsd_service_spec.rb +549 -549
  1756. data/spec/unit/provider/service/redhat_spec.rb +250 -250
  1757. data/spec/unit/provider/service/simple_service_spec.rb +169 -169
  1758. data/spec/unit/provider/service/solaris_smf_service_spec.rb +292 -292
  1759. data/spec/unit/provider/service/systemd_service_spec.rb +364 -364
  1760. data/spec/unit/provider/service/upstart_service_spec.rb +351 -351
  1761. data/spec/unit/provider/service/windows_spec.rb +952 -952
  1762. data/spec/unit/provider/service_spec.rb +168 -168
  1763. data/spec/unit/provider/subversion_spec.rb +361 -361
  1764. data/spec/unit/provider/systemd_unit_spec.rb +967 -967
  1765. data/spec/unit/provider/template/content_spec.rb +169 -169
  1766. data/spec/unit/provider/template_spec.rb +87 -87
  1767. data/spec/unit/provider/user/aix_spec.rb +96 -96
  1768. data/spec/unit/provider/user/dscl_spec.rb +698 -698
  1769. data/spec/unit/provider/user/linux_spec.rb +73 -73
  1770. data/spec/unit/provider/user/pw_spec.rb +235 -235
  1771. data/spec/unit/provider/user/solaris_spec.rb +177 -177
  1772. data/spec/unit/provider/user/windows_spec.rb +197 -197
  1773. data/spec/unit/provider/user_spec.rb +478 -478
  1774. data/spec/unit/provider/whyrun_safe_ruby_block_spec.rb +46 -46
  1775. data/spec/unit/provider/windows_env_spec.rb +400 -400
  1776. data/spec/unit/provider/windows_path_spec.rb +65 -65
  1777. data/spec/unit/provider/windows_task_spec.rb +430 -430
  1778. data/spec/unit/provider/yum_repository_spec.rb +35 -35
  1779. data/spec/unit/provider/zypper_repository_spec.rb +126 -126
  1780. data/spec/unit/provider_resolver_spec.rb +900 -900
  1781. data/spec/unit/provider_spec.rb +201 -201
  1782. data/spec/unit/pure_application_spec.rb +32 -32
  1783. data/spec/unit/recipe_spec.rb +584 -584
  1784. data/spec/unit/resource/apt_package_spec.rb +66 -66
  1785. data/spec/unit/resource/apt_preference_spec.rb +57 -57
  1786. data/spec/unit/resource/apt_repository_spec.rb +92 -92
  1787. data/spec/unit/resource/apt_update_spec.rb +62 -62
  1788. data/spec/unit/resource/archive_file_spec.rb +47 -47
  1789. data/spec/unit/resource/bash_spec.rb +45 -45
  1790. data/spec/unit/resource/batch_spec.rb +46 -46
  1791. data/spec/unit/resource/bff_package_spec.rb +51 -51
  1792. data/spec/unit/resource/breakpoint_spec.rb +64 -64
  1793. data/spec/unit/resource/build_essential_spec.rb +43 -43
  1794. data/spec/unit/resource/cab_package_spec.rb +64 -64
  1795. data/spec/unit/resource/chef_gem_spec.rb +122 -122
  1796. data/spec/unit/resource/chef_handler_spec.rb +40 -40
  1797. data/spec/unit/resource/chocolatey_config_spec.rb +93 -93
  1798. data/spec/unit/resource/chocolatey_feature_spec.rb +89 -0
  1799. data/spec/unit/resource/chocolatey_package_spec.rb +91 -91
  1800. data/spec/unit/resource/chocolatey_source_spec.rb +150 -97
  1801. data/spec/unit/resource/conditional_action_not_nothing_spec.rb +45 -45
  1802. data/spec/unit/resource/conditional_spec.rb +254 -254
  1803. data/spec/unit/resource/cookbook_file_spec.rb +93 -93
  1804. data/spec/unit/resource/cron_access_spec.rb +36 -36
  1805. data/spec/unit/resource/cron_d_spec.rb +90 -90
  1806. data/spec/unit/resource/cron_spec.rb +173 -173
  1807. data/spec/unit/resource/csh_spec.rb +45 -45
  1808. data/spec/unit/resource/directory_spec.rb +69 -69
  1809. data/spec/unit/resource/dmg_package_spec.rb +39 -39
  1810. data/spec/unit/resource/dnf_package_spec.rb +108 -108
  1811. data/spec/unit/resource/dpkg_package_spec.rb +60 -60
  1812. data/spec/unit/resource/dsc_resource_spec.rb +102 -102
  1813. data/spec/unit/resource/dsc_script_spec.rb +134 -134
  1814. data/spec/unit/resource/execute_spec.rb +277 -277
  1815. data/spec/unit/resource/file/verification/systemd_unit_spec.rb +103 -103
  1816. data/spec/unit/resource/file/verification_spec.rb +147 -147
  1817. data/spec/unit/resource/file_spec.rb +127 -127
  1818. data/spec/unit/resource/freebsd_package_spec.rb +77 -77
  1819. data/spec/unit/resource/gem_package_spec.rb +67 -67
  1820. data/spec/unit/resource/git_spec.rb +62 -62
  1821. data/spec/unit/resource/group_spec.rb +165 -165
  1822. data/spec/unit/resource/homebrew_cask_spec.rb +40 -40
  1823. data/spec/unit/resource/homebrew_package_spec.rb +68 -68
  1824. data/spec/unit/resource/homebrew_tap_spec.rb +44 -44
  1825. data/spec/unit/resource/hostname_spec.rb +47 -47
  1826. data/spec/unit/resource/http_request_spec.rb +65 -65
  1827. data/spec/unit/resource/ifconfig_spec.rb +109 -109
  1828. data/spec/unit/resource/ips_package_spec.rb +54 -54
  1829. data/spec/unit/resource/kernel_module_spec.rb +43 -43
  1830. data/spec/unit/resource/ksh_spec.rb +45 -45
  1831. data/spec/unit/resource/launchd_spec.rb +40 -40
  1832. data/spec/unit/resource/link_spec.rb +124 -124
  1833. data/spec/unit/resource/locale_spec.rb +223 -223
  1834. data/spec/unit/resource/log_spec.rb +64 -64
  1835. data/spec/unit/resource/macos_user_defaults_spec.rb +35 -35
  1836. data/spec/unit/resource/macosx_service.rb +37 -37
  1837. data/spec/unit/resource/macports_package_spec.rb +51 -51
  1838. data/spec/unit/resource/mdadm_spec.rb +104 -104
  1839. data/spec/unit/resource/mount_spec.rb +178 -178
  1840. data/spec/unit/resource/msu_package_spec.rb +63 -63
  1841. data/spec/unit/resource/ohai_hint_spec.rb +44 -44
  1842. data/spec/unit/resource/ohai_spec.rb +58 -58
  1843. data/spec/unit/resource/openbsd_package_spec.rb +58 -58
  1844. data/spec/unit/resource/openssl_dhparam_spec.rb +61 -61
  1845. data/spec/unit/resource/openssl_ec_private_key_spec.rb +64 -64
  1846. data/spec/unit/resource/openssl_ec_public_key_spec.rb +43 -43
  1847. data/spec/unit/resource/openssl_rsa_private_key_spec.rb +64 -64
  1848. data/spec/unit/resource/openssl_rsa_public_key_spec.rb +43 -43
  1849. data/spec/unit/resource/openssl_x509_certificate_spec.rb +72 -72
  1850. data/spec/unit/resource/openssl_x509_crl_spec.rb +61 -61
  1851. data/spec/unit/resource/openssl_x509_request.rb +68 -68
  1852. data/spec/unit/resource/osx_profile_spec.rb +60 -60
  1853. data/spec/unit/resource/package_spec.rb +98 -98
  1854. data/spec/unit/resource/pacman_package_spec.rb +46 -46
  1855. data/spec/unit/resource/paludis_package_spec.rb +36 -36
  1856. data/spec/unit/resource/perl_spec.rb +44 -44
  1857. data/spec/unit/resource/portage_package_spec.rb +46 -46
  1858. data/spec/unit/resource/powershell_package_source_spec.rb +219 -219
  1859. data/spec/unit/resource/powershell_package_spec.rb +98 -98
  1860. data/spec/unit/resource/powershell_script_spec.rb +158 -158
  1861. data/spec/unit/resource/python_spec.rb +40 -40
  1862. data/spec/unit/resource/reboot_spec.rb +47 -47
  1863. data/spec/unit/resource/registry_key_spec.rb +215 -215
  1864. data/spec/unit/resource/remote_directory_spec.rb +118 -118
  1865. data/spec/unit/resource/remote_file_spec.rb +220 -220
  1866. data/spec/unit/resource/resource_notification_spec.rb +169 -169
  1867. data/spec/unit/resource/rhsm_errata_level_spec.rb +50 -50
  1868. data/spec/unit/resource/rhsm_errata_spec.rb +39 -39
  1869. data/spec/unit/resource/rhsm_register_spec.rb +204 -204
  1870. data/spec/unit/resource/rhsm_repo_spec.rb +64 -64
  1871. data/spec/unit/resource/rhsm_subscription_spec.rb +98 -98
  1872. data/spec/unit/resource/route_spec.rb +100 -100
  1873. data/spec/unit/resource/rpm_package_spec.rb +62 -62
  1874. data/spec/unit/resource/ruby_block_spec.rb +58 -58
  1875. data/spec/unit/resource/ruby_spec.rb +39 -39
  1876. data/spec/unit/resource/scm_spec.rb +173 -173
  1877. data/spec/unit/resource/script_spec.rb +52 -52
  1878. data/spec/unit/resource/service_spec.rb +199 -199
  1879. data/spec/unit/resource/smartos_package_spec.rb +52 -52
  1880. data/spec/unit/resource/snap_package_spec.rb +60 -60
  1881. data/spec/unit/resource/solaris_package_spec.rb +54 -54
  1882. data/spec/unit/resource/ssh_known_hosts_entry_spec.rb +50 -50
  1883. data/spec/unit/resource/subversion_spec.rb +91 -91
  1884. data/spec/unit/resource/sudo_spec.rb +99 -99
  1885. data/spec/unit/resource/swap_file_spec.rb +39 -39
  1886. data/spec/unit/resource/sysctl_spec.rb +54 -54
  1887. data/spec/unit/resource/systemd_unit_spec.rb +130 -130
  1888. data/spec/unit/resource/template_spec.rb +222 -222
  1889. data/spec/unit/resource/timezone_spec.rb +39 -39
  1890. data/spec/unit/resource/user_spec.rb +121 -121
  1891. data/spec/unit/resource/windows_ad_join_spec.rb +51 -51
  1892. data/spec/unit/resource/windows_auto_run_spec.rb +50 -50
  1893. data/spec/unit/resource/windows_certificate_spec.rb +83 -83
  1894. data/spec/unit/resource/windows_dfs_folder_spec.rb +39 -39
  1895. data/spec/unit/resource/windows_dfs_namespace_spec.rb +39 -39
  1896. data/spec/unit/resource/windows_dfs_server_spec.rb +34 -34
  1897. data/spec/unit/resource/windows_dns_record_spec.rb +55 -55
  1898. data/spec/unit/resource/windows_dns_zone_spec.rb +51 -51
  1899. data/spec/unit/resource/windows_env_spec.rb +75 -75
  1900. data/spec/unit/resource/windows_feature_dism_spec.rb +72 -72
  1901. data/spec/unit/resource/windows_feature_powershell_spec.rb +72 -72
  1902. data/spec/unit/resource/windows_feature_spec.rb +64 -64
  1903. data/spec/unit/resource/windows_firewall_rule_spec.rb +401 -401
  1904. data/spec/unit/resource/windows_font_spec.rb +43 -43
  1905. data/spec/unit/resource/windows_package_spec.rb +105 -105
  1906. data/spec/unit/resource/windows_pagefile_spec.rb +49 -49
  1907. data/spec/unit/resource/windows_path_spec.rb +40 -40
  1908. data/spec/unit/resource/windows_printer_port_spec.rb +62 -62
  1909. data/spec/unit/resource/windows_printer_spec.rb +52 -52
  1910. data/spec/unit/resource/windows_service_spec.rb +108 -108
  1911. data/spec/unit/resource/windows_share_spec.rb +39 -39
  1912. data/spec/unit/resource/windows_shortcut_spec.rb +38 -38
  1913. data/spec/unit/resource/windows_task_spec.rb +403 -403
  1914. data/spec/unit/resource/windows_uac_spec.rb +50 -50
  1915. data/spec/unit/resource/windows_workgroup_spec.rb +74 -74
  1916. data/spec/unit/resource/yum_package_spec.rb +150 -150
  1917. data/spec/unit/resource/yum_repository_spec.rb +152 -152
  1918. data/spec/unit/resource/zypper_package_spec.rb +51 -51
  1919. data/spec/unit/resource/zypper_repository_spec.rb +115 -115
  1920. data/spec/unit/resource_builder_spec.rb +1 -1
  1921. data/spec/unit/resource_collection/resource_list_spec.rb +137 -137
  1922. data/spec/unit/resource_collection/resource_set_spec.rb +244 -244
  1923. data/spec/unit/resource_collection/stepable_iterator_spec.rb +144 -144
  1924. data/spec/unit/resource_collection_spec.rb +408 -400
  1925. data/spec/unit/resource_definition_spec.rb +117 -117
  1926. data/spec/unit/resource_inspector_spec.rb +60 -60
  1927. data/spec/unit/resource_reporter_spec.rb +808 -808
  1928. data/spec/unit/resource_resolver_spec.rb +52 -52
  1929. data/spec/unit/resource_spec.rb +1218 -1218
  1930. data/spec/unit/role_spec.rb +361 -358
  1931. data/spec/unit/run_context/child_run_context_spec.rb +126 -126
  1932. data/spec/unit/run_context/cookbook_compiler_spec.rb +236 -236
  1933. data/spec/unit/run_context_spec.rb +241 -241
  1934. data/spec/unit/run_list/run_list_expansion_spec.rb +144 -144
  1935. data/spec/unit/run_list/run_list_item_spec.rb +117 -117
  1936. data/spec/unit/run_list/versioned_recipe_list_spec.rb +197 -197
  1937. data/spec/unit/run_list_spec.rb +312 -312
  1938. data/spec/unit/run_lock_spec.rb +140 -140
  1939. data/spec/unit/run_status_spec.rb +144 -144
  1940. data/spec/unit/runner_spec.rb +398 -398
  1941. data/spec/unit/scan_access_control_spec.rb +183 -183
  1942. data/spec/unit/search/query_spec.rb +283 -283
  1943. data/spec/unit/server_api_spec.rb +124 -124
  1944. data/spec/unit/server_api_versions_spec.rb +66 -66
  1945. data/spec/unit/shell/model_wrapper_spec.rb +96 -96
  1946. data/spec/unit/shell/shell_ext_spec.rb +153 -153
  1947. data/spec/unit/shell/shell_session_spec.rb +250 -250
  1948. data/spec/unit/shell_spec.rb +162 -162
  1949. data/spec/unit/train_transport_spec.rb +84 -79
  1950. data/spec/unit/user_spec.rb +275 -275
  1951. data/spec/unit/user_v1_spec.rb +583 -583
  1952. data/spec/unit/util/backup_spec.rb +141 -141
  1953. data/spec/unit/util/diff_spec.rb +576 -576
  1954. data/spec/unit/util/dsc/configuration_generator_spec.rb +193 -193
  1955. data/spec/unit/util/dsc/lcm_output_parser_spec.rb +248 -248
  1956. data/spec/unit/util/dsc/local_configuration_manager_spec.rb +200 -200
  1957. data/spec/unit/util/dsc/resource_store.rb +78 -78
  1958. data/spec/unit/util/editor_spec.rb +152 -152
  1959. data/spec/unit/util/file_edit_spec.rb +224 -224
  1960. data/spec/unit/util/powershell/cmdlet_spec.rb +106 -106
  1961. data/spec/unit/util/powershell/ps_credential_spec.rb +44 -44
  1962. data/spec/unit/util/selinux_spec.rb +157 -157
  1963. data/spec/unit/util/threaded_job_queue_spec.rb +51 -51
  1964. data/spec/unit/util/windows/logon_session_spec.rb +285 -285
  1965. data/spec/unit/version/platform_spec.rb +60 -60
  1966. data/spec/unit/version_class_spec.rb +171 -171
  1967. data/spec/unit/version_constraint/platform_spec.rb +45 -45
  1968. data/spec/unit/version_constraint_spec.rb +179 -179
  1969. data/spec/unit/version_string_spec.rb +79 -79
  1970. data/spec/unit/win32/error_spec.rb +77 -77
  1971. data/spec/unit/win32/link_spec.rb +73 -73
  1972. data/spec/unit/win32/registry_spec.rb +394 -394
  1973. data/spec/unit/win32/security_spec.rb +134 -134
  1974. data/spec/unit/windows_service_spec.rb +118 -118
  1975. data/tasks/.DS_Store +0 -0
  1976. data/tasks/announce.rb +51 -51
  1977. data/tasks/bin/run_external_test +39 -33
  1978. data/tasks/dependencies.rb +58 -58
  1979. data/tasks/docs.rb +337 -0
  1980. data/tasks/rspec.rb +90 -90
  1981. data/tasks/templates/release.md.erb +34 -34
  1982. metadata +41 -7
  1983. data/lib/chef/mixin/train_or_shell.rb +0 -83
Binary file
@@ -1,1065 +1,1092 @@
1
- #
2
- # Author:: Adam Jacob (<adam@chef.io>)
3
- # Copyright:: Copyright 2010-2019, Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require_relative "../knife"
20
- require_relative "data_bag_secret_options"
21
- require_relative "../dist"
22
- require "license_acceptance/cli_flags/mixlib_cli"
23
- require "license_acceptance/acceptor"
24
-
25
- class Chef
26
- class Knife
27
- class Bootstrap < Knife
28
- include DataBagSecretOptions
29
- include LicenseAcceptance::CLIFlags::MixlibCLI
30
-
31
- SUPPORTED_CONNECTION_PROTOCOLS = %w{ssh winrm}.freeze
32
- WINRM_AUTH_PROTOCOL_LIST = %w{plaintext kerberos ssl negotiate}.freeze
33
-
34
- # Common connectivity options
35
- option :connection_user,
36
- short: "-U USERNAME",
37
- long: "--connection-user USERNAME",
38
- description: "Authenticate to the target host with this user account."
39
-
40
- option :connection_password,
41
- short: "-P PASSWORD",
42
- long: "--connection-password PASSWORD",
43
- description: "Authenticate to the target host with this password."
44
-
45
- option :connection_port,
46
- short: "-p PORT",
47
- long: "--connection-port PORT",
48
- description: "The port on the target node to connect to."
49
-
50
- option :connection_protocol,
51
- short: "-o PROTOCOL",
52
- long: "--connection-protocol PROTOCOL",
53
- description: "The protocol to use to connect to the target node.",
54
- in: SUPPORTED_CONNECTION_PROTOCOLS
55
-
56
- option :max_wait,
57
- short: "-W SECONDS",
58
- long: "--max-wait SECONDS",
59
- description: "The maximum time to wait for the initial connection to be established."
60
-
61
- option :session_timeout,
62
- long: "--session-timeout SECONDS",
63
- description: "The number of seconds to wait for each connection operation to be acknowledged while running bootstrap.",
64
- default: 60
65
-
66
- # WinRM Authentication
67
- option :winrm_ssl_peer_fingerprint,
68
- long: "--winrm-ssl-peer-fingerprint FINGERPRINT",
69
- description: "SSL certificate fingerprint expected from the target."
70
-
71
- option :ca_trust_file,
72
- short: "-f CA_TRUST_PATH",
73
- long: "--ca-trust-file CA_TRUST_PATH",
74
- description: "The Certificate Authority (CA) trust file used for SSL transport."
75
-
76
- option :winrm_no_verify_cert,
77
- long: "--winrm-no-verify-cert",
78
- description: "Do not verify the SSL certificate of the target node for WinRM.",
79
- boolean: true
80
-
81
- option :winrm_ssl,
82
- long: "--winrm-ssl",
83
- description: "Use SSL in the WinRM connection."
84
-
85
- option :winrm_auth_method,
86
- short: "-w AUTH-METHOD",
87
- long: "--winrm-auth-method AUTH-METHOD",
88
- description: "The WinRM authentication method to use.",
89
- proc: Proc.new { |protocol| Chef::Config[:knife][:winrm_auth_method] = protocol },
90
- in: WINRM_AUTH_PROTOCOL_LIST
91
-
92
- option :winrm_basic_auth_only,
93
- long: "--winrm-basic-auth-only",
94
- description: "For WinRM basic authentication when using the 'ssl' auth method.",
95
- boolean: true
96
-
97
- # This option was provided in knife bootstrap windows winrm,
98
- # but it is ignored in knife-windows/WinrmSession, and so remains unimplemeneted here.
99
- # option :kerberos_keytab_file,
100
- # :short => "-T KEYTAB_FILE",
101
- # :long => "--keytab-file KEYTAB_FILE",
102
- # :description => "The Kerberos keytab file used for authentication",
103
- # :proc => Proc.new { |keytab| Chef::Config[:knife][:kerberos_keytab_file] = keytab }
104
-
105
- option :kerberos_realm,
106
- short: "-R KERBEROS_REALM",
107
- long: "--kerberos-realm KERBEROS_REALM",
108
- description: "The Kerberos realm used for authentication.",
109
- proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_realm] = protocol }
110
-
111
- option :kerberos_service,
112
- short: "-S KERBEROS_SERVICE",
113
- long: "--kerberos-service KERBEROS_SERVICE",
114
- description: "The Kerberos service used for authentication.",
115
- proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_service] = protocol }
116
-
117
- ## SSH Authentication
118
- option :ssh_gateway,
119
- short: "-G GATEWAY",
120
- long: "--ssh-gateway GATEWAY",
121
- description: "The SSH gateway.",
122
- proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
123
-
124
- option :ssh_gateway_identity,
125
- long: "--ssh-gateway-identity SSH_GATEWAY_IDENTITY",
126
- description: "The SSH identity file used for gateway authentication.",
127
- proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway_identity] = key }
128
-
129
- option :ssh_forward_agent,
130
- short: "-A",
131
- long: "--ssh-forward-agent",
132
- description: "Enable SSH agent forwarding.",
133
- boolean: true
134
-
135
- option :ssh_identity_file,
136
- short: "-i IDENTITY_FILE",
137
- long: "--ssh-identity-file IDENTITY_FILE",
138
- description: "The SSH identity file used for authentication."
139
-
140
- option :ssh_verify_host_key,
141
- long: "--ssh-verify-host-key VALUE",
142
- description: "Verify host key. Default is 'always'.",
143
- in: %w{always accept_new accept_new_or_local_tunnel never}
144
-
145
- #
146
- # bootstrap options
147
- #
148
-
149
- # client.rb content via chef-full/bootstrap_context
150
- option :bootstrap_version,
151
- long: "--bootstrap-version VERSION",
152
- description: "The version of #{Chef::Dist::PRODUCT} to install.",
153
- proc: lambda { |v| Chef::Config[:knife][:bootstrap_version] = v }
154
-
155
- option :channel,
156
- long: "--channel CHANNEL",
157
- description: "Install from the given channel. Default is 'stable'.",
158
- default: "stable",
159
- in: %w{stable current unstable}
160
-
161
- # client.rb content via chef-full/bootstrap_context
162
- option :bootstrap_proxy,
163
- long: "--bootstrap-proxy PROXY_URL",
164
- description: "The proxy server for the node being bootstrapped.",
165
- proc: Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
166
-
167
- # client.rb content via bootstrap_context
168
- option :bootstrap_proxy_user,
169
- long: "--bootstrap-proxy-user PROXY_USER",
170
- description: "The proxy authentication username for the node being bootstrapped."
171
-
172
- # client.rb content via bootstrap_context
173
- option :bootstrap_proxy_pass,
174
- long: "--bootstrap-proxy-pass PROXY_PASS",
175
- description: "The proxy authentication password for the node being bootstrapped."
176
-
177
- # client.rb content via bootstrap_context
178
- option :bootstrap_no_proxy,
179
- long: "--bootstrap-no-proxy [NO_PROXY_URL|NO_PROXY_IP]",
180
- description: "Do not proxy locations for the node being bootstrapped; this option is used internally by Chef.",
181
- proc: Proc.new { |np| Chef::Config[:knife][:bootstrap_no_proxy] = np }
182
-
183
- # client.rb content via bootstrap_context
184
- option :bootstrap_template,
185
- short: "-t TEMPLATE",
186
- long: "--bootstrap-template TEMPLATE",
187
- description: "Bootstrap #{Chef::Dist::PRODUCT} using a built-in or custom template. Set to the full path of an erb template or use one of the built-in templates."
188
-
189
- # client.rb content via bootstrap_context
190
- option :node_ssl_verify_mode,
191
- long: "--node-ssl-verify-mode [peer|none]",
192
- description: "Whether or not to verify the SSL cert for all HTTPS requests.",
193
- proc: Proc.new { |v|
194
- valid_values = %w{none peer}
195
- unless valid_values.include?(v)
196
- raise "Invalid value '#{v}' for --node-ssl-verify-mode. Valid values are: #{valid_values.join(", ")}"
197
- end
198
- v
199
- }
200
-
201
- # bootstrap_context - client.rb
202
- option :node_verify_api_cert,
203
- long: "--[no-]node-verify-api-cert",
204
- description: "Verify the SSL cert for HTTPS requests to the #{Chef::Dist::SERVER_PRODUCT} API.",
205
- boolean: true
206
-
207
- # runtime - sudo settings (train handles sudo)
208
- option :use_sudo,
209
- long: "--sudo",
210
- description: "Execute the bootstrap via sudo.",
211
- boolean: true
212
-
213
- # runtime - sudo settings (train handles sudo)
214
- option :preserve_home,
215
- long: "--sudo-preserve-home",
216
- description: "Preserve non-root user HOME environment variable with sudo.",
217
- boolean: true
218
-
219
- # runtime - sudo settings (train handles sudo)
220
- option :use_sudo_password,
221
- long: "--use-sudo-password",
222
- description: "Execute the bootstrap via sudo with password.",
223
- boolean: false
224
-
225
- # runtime - client_builder
226
- option :chef_node_name,
227
- short: "-N NAME",
228
- long: "--node-name NAME",
229
- description: "The node name for your new node."
230
-
231
- # runtime - client_builder - set runlist when creating node
232
- option :run_list,
233
- short: "-r RUN_LIST",
234
- long: "--run-list RUN_LIST",
235
- description: "Comma separated list of roles/recipes to apply.",
236
- proc: lambda { |o| o.split(/[\s,]+/) },
237
- default: []
238
-
239
- # runtime - client_builder - set policy name when creating node
240
- option :policy_name,
241
- long: "--policy-name POLICY_NAME",
242
- description: "Policyfile name to use (--policy-group must also be given).",
243
- default: nil
244
-
245
- # runtime - client_builder - set policy group when creating node
246
- option :policy_group,
247
- long: "--policy-group POLICY_GROUP",
248
- description: "Policy group name to use (--policy-name must also be given).",
249
- default: nil
250
-
251
- # runtime - client_builder - node tags
252
- option :tags,
253
- long: "--tags TAGS",
254
- description: "Comma separated list of tags to apply to the node.",
255
- proc: lambda { |o| o.split(/[\s,]+/) },
256
- default: []
257
-
258
- # bootstrap template
259
- option :first_boot_attributes,
260
- short: "-j JSON_ATTRIBS",
261
- long: "--json-attributes",
262
- description: "A JSON string to be added to the first run of #{Chef::Dist::CLIENT}.",
263
- proc: lambda { |o| Chef::JSONCompat.parse(o) },
264
- default: nil
265
-
266
- # bootstrap template
267
- option :first_boot_attributes_from_file,
268
- long: "--json-attribute-file FILE",
269
- description: "A JSON file to be used to the first run of #{Chef::Dist::CLIENT}.",
270
- proc: lambda { |o| Chef::JSONCompat.parse(File.read(o)) },
271
- default: nil
272
-
273
- # Note that several of the below options are used by bootstrap template,
274
- # but only from the passed-in knife config; it does not use the
275
- # config from the CLI for those values. We cannot always used the merged
276
- # config, because in some cases the knife keys thIn those cases, the option
277
- # will have a proc that assigns the value into Chef::Config[:knife]
278
-
279
- # bootstrap template
280
- # Create ohai hints in /etc/chef/ohai/hints, fname=hintname, content=value
281
- option :hint,
282
- long: "--hint HINT_NAME[=HINT_FILE]",
283
- description: "Specify an Ohai hint to be set on the bootstrap target. Use multiple --hint options to specify multiple hints.",
284
- proc: Proc.new { |h|
285
- Chef::Config[:knife][:hints] ||= Hash.new
286
- name, path = h.split("=")
287
- Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : Hash.new
288
- }
289
-
290
- # bootstrap override: url of a an installer shell script touse in place of omnitruck
291
- # Note that the bootstrap template _only_ references this out of Chef::Config, and not from
292
- # the provided options to knife bootstrap, so we set the Chef::Config option here.
293
- option :bootstrap_url,
294
- long: "--bootstrap-url URL",
295
- description: "URL to a custom installation script.",
296
- proc: Proc.new { |u| Chef::Config[:knife][:bootstrap_url] = u }
297
-
298
- option :msi_url, # Windows target only
299
- short: "-m URL",
300
- long: "--msi-url URL",
301
- description: "Location of the #{Chef::Dist::PRODUCT} MSI. The default templates will prefer to download from this location. The MSI will be downloaded from #{Chef::Dist::WEBSITE} if not provided (Windows).",
302
- default: ""
303
-
304
- # bootstrap override: Do this instead of our own setup.sh from omnitruck. Causes bootstrap_url to be ignored.
305
- option :bootstrap_install_command,
306
- long: "--bootstrap-install-command COMMANDS",
307
- description: "Custom command to install #{Chef::Dist::PRODUCT}.",
308
- proc: Proc.new { |ic| Chef::Config[:knife][:bootstrap_install_command] = ic }
309
-
310
- # bootstrap template: Run this command first in the bootstrap script
311
- option :bootstrap_preinstall_command,
312
- long: "--bootstrap-preinstall-command COMMANDS",
313
- description: "Custom commands to run before installing #{Chef::Dist::PRODUCT}.",
314
- proc: Proc.new { |preic| Chef::Config[:knife][:bootstrap_preinstall_command] = preic }
315
-
316
- # bootstrap template
317
- option :bootstrap_wget_options,
318
- long: "--bootstrap-wget-options OPTIONS",
319
- description: "Add options to wget when installing #{Chef::Dist::PRODUCT}.",
320
- proc: Proc.new { |wo| Chef::Config[:knife][:bootstrap_wget_options] = wo }
321
-
322
- # bootstrap template
323
- option :bootstrap_curl_options,
324
- long: "--bootstrap-curl-options OPTIONS",
325
- description: "Add options to curl when install #{Chef::Dist::PRODUCT}.",
326
- proc: Proc.new { |co| Chef::Config[:knife][:bootstrap_curl_options] = co }
327
-
328
- # chef_vault_handler
329
- option :bootstrap_vault_file,
330
- long: "--bootstrap-vault-file VAULT_FILE",
331
- description: "A JSON file with a list of vault(s) and item(s) to be updated."
332
-
333
- # chef_vault_handler
334
- option :bootstrap_vault_json,
335
- long: "--bootstrap-vault-json VAULT_JSON",
336
- description: "A JSON string with the vault(s) and item(s) to be updated."
337
-
338
- # chef_vault_handler
339
- option :bootstrap_vault_item,
340
- long: "--bootstrap-vault-item VAULT_ITEM",
341
- description: 'A single vault and item to update as "vault:item".',
342
- proc: Proc.new { |i|
343
- (vault, item) = i.split(/:/)
344
- Chef::Config[:knife][:bootstrap_vault_item] ||= {}
345
- Chef::Config[:knife][:bootstrap_vault_item][vault] ||= []
346
- Chef::Config[:knife][:bootstrap_vault_item][vault].push(item)
347
- Chef::Config[:knife][:bootstrap_vault_item]
348
- }
349
-
350
- DEPRECATED_FLAGS = {
351
- # deprecated_key: [new_key, deprecated_long]
352
- # optional third element: replacement_value - if converting from bool
353
- # (--bool-option) to valued flag (--new-option VALUE)
354
- # this will be the value that is assigned the new flag when the old flag is used.
355
- auth_timeout: [:max_wait, "--max-wait SECONDS" ],
356
- host_key_verify:
357
- [:ssh_verify_host_key, "--[no-]host-key-verify"],
358
- prerelease:
359
- [:channel, "--prerelease", "current"],
360
- ssh_user:
361
- [:connection_user, "--ssh-user USER"],
362
- ssh_password:
363
- [:connection_password, "--ssh-password PASSWORD"],
364
- ssh_port:
365
- [:connection_port, "-ssh-port" ],
366
- ssl_peer_fingerprint:
367
- [:winrm_ssl_peer_fingerprint, "--ssl-peer-fingerprint FINGERPRINT"],
368
- winrm_user:
369
- [:connection_user, "--winrm-user USER"],
370
- winrm_password:
371
- [:connection_password, "--winrm-password"],
372
- winrm_port:
373
- [:connection_port, "--winrm-port"],
374
- winrm_authentication_protocol:
375
- [:winrm_auth_method, "--winrm-authentication-protocol PROTOCOL"],
376
- winrm_session_timeout:
377
- [:session_timeout, "--winrm-session-timeout MINUTES"],
378
- }.freeze
379
-
380
- DEPRECATED_FLAGS.each do |deprecated_key, deprecation_entry|
381
- new_key, deprecated_long, replacement_value = deprecation_entry
382
- new_long = options[new_key][:long]
383
- new_long_desc = if replacement_value.nil?
384
- new_long
385
- else
386
- "#{new_long.split(" ").first} #{replacement_value}"
387
- end
388
- option(deprecated_key, long: deprecated_long,
389
- description: "This flag is deprecated. Please use '#{new_long_desc}' instead.",
390
- boolean: options[new_key][:boolean] || !replacement_value.nil?,
391
- # Put deprecated options at the end of the options list
392
- on: :tail)
393
- end
394
-
395
- attr_reader :connection
396
-
397
- deps do
398
- require "erubis"
399
-
400
- require_relative "../json_compat"
401
- require_relative "../util/path_helper"
402
- require_relative "bootstrap/chef_vault_handler"
403
- require_relative "bootstrap/client_builder"
404
- require_relative "bootstrap/train_connector"
405
- end
406
-
407
- banner "knife bootstrap [PROTOCOL://][USER@]FQDN (options)"
408
-
409
- def client_builder
410
- @client_builder ||= Chef::Knife::Bootstrap::ClientBuilder.new(
411
- chef_config: Chef::Config,
412
- knife_config: config,
413
- ui: ui
414
- )
415
- end
416
-
417
- def chef_vault_handler
418
- @chef_vault_handler ||= Chef::Knife::Bootstrap::ChefVaultHandler.new(
419
- knife_config: config,
420
- ui: ui
421
- )
422
- end
423
-
424
- # Determine if we need to accept the Chef Infra license locally in order to successfully bootstrap
425
- # the remote node. Remote 'chef-client' run will fail if it is >= 15 and the license is not accepted locally.
426
- def check_license
427
- Chef::Log.debug("Checking if we need to accept Chef license to bootstrap node")
428
- version = config[:bootstrap_version] || Chef::VERSION.split(".").first
429
- acceptor = LicenseAcceptance::Acceptor.new(logger: Chef::Log, provided: Chef::Config[:chef_license])
430
- if acceptor.license_required?("chef", version)
431
- Chef::Log.debug("License acceptance required for chef version: #{version}")
432
- license_id = acceptor.id_from_mixlib("chef")
433
- acceptor.check_and_persist(license_id, version)
434
- Chef::Config[:chef_license] ||= acceptor.acceptance_value
435
- end
436
- end
437
-
438
- # The default bootstrap template to use to bootstrap a server.
439
- # This is a public API hook which knife plugins use or inherit and override.
440
- #
441
- # @return [String] Default bootstrap template
442
- def default_bootstrap_template
443
- if connection.windows?
444
- "windows-#{Chef::Dist::CLIENT}-msi"
445
- else
446
- "chef-full"
447
- end
448
- end
449
-
450
- def host_descriptor
451
- Array(@name_args).first
452
- end
453
-
454
- # The server_name is the DNS or IP we are going to connect to, it is not necessarily
455
- # the node name, the fqdn, or the hostname of the server. This is a public API hook
456
- # which knife plugins use or inherit and override.
457
- #
458
- # @return [String] The DNS or IP that bootstrap will connect to
459
- def server_name
460
- if host_descriptor
461
- @server_name ||= host_descriptor.split("@").reverse[0]
462
- end
463
- end
464
-
465
- # @return [String] The CLI specific bootstrap template or the default
466
- def bootstrap_template
467
- # Allow passing a bootstrap template or use the default
468
- config[:bootstrap_template] || default_bootstrap_template
469
- end
470
-
471
- def find_template
472
- template = bootstrap_template
473
-
474
- # Use the template directly if it's a path to an actual file
475
- if File.exists?(template)
476
- Chef::Log.trace("Using the specified bootstrap template: #{File.dirname(template)}")
477
- return template
478
- end
479
-
480
- # Otherwise search the template directories until we find the right one
481
- bootstrap_files = []
482
- bootstrap_files << File.join(File.dirname(__FILE__), "bootstrap/templates", "#{template}.erb")
483
- bootstrap_files << File.join(Knife.chef_config_dir, "bootstrap", "#{template}.erb") if Chef::Knife.chef_config_dir
484
- Chef::Util::PathHelper.home(".chef", "bootstrap", "#{template}.erb") { |p| bootstrap_files << p }
485
- bootstrap_files << Gem.find_files(File.join("chef", "knife", "bootstrap", "#{template}.erb"))
486
- bootstrap_files.flatten!
487
-
488
- template_file = Array(bootstrap_files).find do |bootstrap_template|
489
- Chef::Log.trace("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
490
- File.exists?(bootstrap_template)
491
- end
492
-
493
- unless template_file
494
- ui.info("Can not find bootstrap definition for #{template}")
495
- raise Errno::ENOENT
496
- end
497
-
498
- Chef::Log.trace("Found bootstrap template in #{File.dirname(template_file)}")
499
-
500
- template_file
501
- end
502
-
503
- def secret
504
- @secret ||= encryption_secret_provided_ignore_encrypt_flag? ? read_secret : nil
505
- end
506
-
507
- # Establish bootstrap context for template rendering.
508
- # Requires connection to be a live connection in order to determine
509
- # the correct platform.
510
- def bootstrap_context
511
- @bootstrap_context ||=
512
- if connection.windows?
513
- require_relative "core/windows_bootstrap_context"
514
- Knife::Core::WindowsBootstrapContext.new(config, config[:run_list], Chef::Config, secret)
515
- else
516
- require_relative "core/bootstrap_context"
517
- Knife::Core::BootstrapContext.new(config, config[:run_list], Chef::Config, secret)
518
- end
519
- end
520
-
521
- def first_boot_attributes
522
- @config[:first_boot_attributes] || @config[:first_boot_attributes_from_file] || {}
523
- end
524
-
525
- def render_template
526
- @config[:first_boot_attributes] = first_boot_attributes
527
- template_file = find_template
528
- template = IO.read(template_file).chomp
529
- Erubis::Eruby.new(template).evaluate(bootstrap_context)
530
- end
531
-
532
- def run
533
- check_license
534
- verify_deprecated_flags!
535
-
536
- validate_name_args!
537
- validate_protocol!
538
- validate_first_boot_attributes!
539
- validate_winrm_transport_opts!
540
- validate_policy_options!
541
-
542
- winrm_warn_no_ssl_verification
543
- warn_on_short_session_timeout
544
-
545
- $stdout.sync = true
546
- register_client
547
- connect!
548
-
549
- unless client_builder.client_path.nil?
550
- bootstrap_context.client_pem = client_builder.client_path
551
- end
552
- content = render_template
553
- bootstrap_path = upload_bootstrap(content)
554
- perform_bootstrap(bootstrap_path)
555
- ensure
556
- connection.del_file!(bootstrap_path) if connection && bootstrap_path
557
- end
558
-
559
- def register_client
560
- # chef-vault integration must use the new client-side hawtness, otherwise to use the
561
- # new client-side hawtness, just delete your validation key.
562
- if chef_vault_handler.doing_chef_vault? ||
563
- (Chef::Config[:validation_key] &&
564
- !File.exist?(File.expand_path(Chef::Config[:validation_key])))
565
-
566
- unless config[:chef_node_name]
567
- ui.error("You must pass a node name with -N when bootstrapping with user credentials")
568
- exit 1
569
- end
570
- client_builder.run
571
- chef_vault_handler.run(client_builder.client)
572
- else
573
- ui.info <<~EOM
574
- Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}...
575
- Delete your validation key in order to use your user credentials for client registration instead.
576
- EOM
577
-
578
- end
579
- end
580
-
581
- def perform_bootstrap(remote_bootstrap_script_path)
582
- ui.info("Bootstrapping #{ui.color(server_name, :bold)}")
583
- cmd = bootstrap_command(remote_bootstrap_script_path)
584
- r = connection.run_command(cmd) do |data|
585
- ui.msg("#{ui.color(" [#{connection.hostname}]", :cyan)} #{data}")
586
- end
587
- if r.exit_status != 0
588
- ui.error("The following error occurred on #{server_name}:")
589
- ui.error(r.stderr)
590
- exit 1
591
- end
592
- end
593
-
594
- def connect!
595
- ui.info("Connecting to #{ui.color(server_name, :bold)}")
596
- opts = connection_opts.dup
597
- do_connect(opts)
598
- rescue Train::Error => e
599
- # We handle these by message text only because train only loads the
600
- # transports and protocols that it needs - so the exceptions may not be defined,
601
- # and we don't want to require files internal to train.
602
- if e.message =~ /fingerprint (\S+) is unknown for "(.+)"/ # Train::Transports::SSHFailed
603
- fingerprint = $1
604
- hostname, ip = $2.split(",")
605
- # TODO: convert the SHA256 base64 value to hex with colons
606
- # 'ssh' example output:
607
- # RSA key fingerprint is e5:cb:c0:e2:21:3b:12:52:f8:ce:cb:00:24:e2:0c:92.
608
- # ECDSA key fingerprint is 5d:67:61:08:a9:d7:01:fd:5e:ae:7e:09:40:ef:c0:3c.
609
- # will exit 3 on N
610
- ui.confirm <<~EOM
611
- The authenticity of host '#{hostname} (#{ip})' can't be established.
612
- fingerprint is #{fingerprint}.
613
-
614
- Are you sure you want to continue connecting
615
- EOM
616
- # FIXME: this should save the key to known_hosts but doesn't appear to be
617
- config[:ssh_verify_host_key] = :accept_new
618
- do_connect(connection_opts(reset: true))
619
- elsif ssh? && e.cause && e.cause.class == Net::SSH::AuthenticationFailed
620
- if connection.password_auth?
621
- raise
622
- else
623
- ui.warn("Failed to authenticate #{opts[:user]} to #{server_name} - trying password auth")
624
- password = ui.ask("Enter password for #{opts[:user]}@#{server_name}.") do |q|
625
- q.echo = false
626
- end
627
- end
628
- opts.merge! force_ssh_password_opts(password)
629
- do_connect(opts)
630
- else
631
- raise
632
- end
633
- end
634
-
635
- def handle_ssh_error(e)
636
- end
637
-
638
- # url values override CLI flags, if you provide both
639
- # we'll use the one that you gave in the URL.
640
- def connection_protocol
641
- return @connection_protocol if @connection_protocol
642
- from_url = host_descriptor =~ /^(.*):\/\// ? $1 : nil
643
- from_cli = config[:connection_protocol]
644
- from_knife = Chef::Config[:knife][:connection_protocol]
645
- @connection_protocol = from_url || from_cli || from_knife || "ssh"
646
- end
647
-
648
- def do_connect(conn_options)
649
- @connection = TrainConnector.new(host_descriptor, connection_protocol, conn_options)
650
- connection.connect!
651
- end
652
-
653
- # Fail if both first_boot_attributes and first_boot_attributes_from_file
654
- # are set.
655
- def validate_first_boot_attributes!
656
- if @config[:first_boot_attributes] && @config[:first_boot_attributes_from_file]
657
- raise Chef::Exceptions::BootstrapCommandInputError
658
- end
659
- true
660
- end
661
-
662
- # Fail if using plaintext auth without ssl because
663
- # this can expose keys in plaintext on the wire.
664
- # TODO test for this method
665
- # TODO check that the protoocol is valid.
666
- def validate_winrm_transport_opts!
667
- return true unless winrm?
668
-
669
- if Chef::Config[:validation_key] && !File.exist?(File.expand_path(Chef::Config[:validation_key]))
670
- if config_value(:winrm_auth_method) == "plaintext" &&
671
- config_value(:winrm_ssl) != true
672
- ui.error <<~EOM
673
- Validatorless bootstrap over unsecure winrm channels could expose your
674
- key to network sniffing.
675
- Please use a 'winrm_auth_method' other than 'plaintext',
676
- or enable ssl on #{server_name} then use the --ssl flag
677
- to connect.
678
- EOM
679
-
680
- exit 1
681
- end
682
- end
683
- true
684
- end
685
-
686
- # If any deprecated flags are used, let the user know and
687
- # update config[new-key] to the value given to the deprecated flag,
688
- # or to the mapped value in case of changing flag type.
689
- # If a deprecated flag and its corresponding replacement
690
- # are both used, exit
691
- def verify_deprecated_flags!
692
- DEPRECATED_FLAGS.each do |deprecated_key, deprecation_entry|
693
- new_key, deprecated_long, replacement_value = deprecation_entry
694
- if config.key?(deprecated_key) && config_source(deprecated_key) == :cli
695
- if config.key?(new_key) && config_source(new_key) == :cli
696
- new_long = options[new_key][:long].split(" ").first
697
- deprecated_long = deprecated_long.split(" ").first
698
- ui.error <<~EOM
699
- You provided both #{new_long} and #{deprecated_long}.
700
-
701
- Please use one or the other, but note that
702
- #{deprecated_long} is deprecated.
703
- EOM
704
- exit 1
705
- else
706
- config[new_key] = replacement_value || config[deprecated_key]
707
- unless Chef::Config[:silence_deprecation_warnings] == true
708
- ui.warn "You provided #{deprecated_long.split(" ").first}. #{options[deprecated_key][:description]}"
709
- end
710
- end
711
- end
712
- end
713
- end
714
-
715
- # fail if the server_name is nil
716
- def validate_name_args!
717
- if server_name.nil?
718
- ui.error("Must pass an FQDN or ip to bootstrap")
719
- exit 1
720
- end
721
- end
722
-
723
- # Ensure options are valid by checking policyfile values.
724
- #
725
- # The method call will cause the program to exit(1) if:
726
- # * Only one of --policy-name and --policy-group is specified
727
- # * Policyfile options are set and --run-list is set as well
728
- #
729
- # @return [TrueClass] If options are valid.
730
- def validate_policy_options!
731
- if incomplete_policyfile_options?
732
- ui.error("--policy-name and --policy-group must be specified together")
733
- exit 1
734
- elsif policyfile_and_run_list_given?
735
- ui.error("Policyfile options and --run-list are exclusive")
736
- exit 1
737
- end
738
- end
739
-
740
- # Ensure a valid protocol is provided for target host connection
741
- #
742
- # The method call will cause the program to exit(1) if:
743
- # * Conflicting protocols are given via the target URI and the --protocol option
744
- # * The protocol is not a supported protocol
745
- #
746
- # @return [TrueClass] If options are valid.
747
- def validate_protocol!
748
- from_cli = config[:connection_protocol]
749
- if from_cli && connection_protocol != from_cli
750
- # Hanging indent to align with the ERROR: prefix
751
- ui.error <<~EOM
752
- The URL '#{host_descriptor}' indicates protocol is '#{connection_protocol}'
753
- while the --protocol flag specifies '#{from_cli}'. Please include
754
- only one or the other.
755
- EOM
756
- exit 1
757
- end
758
-
759
- unless SUPPORTED_CONNECTION_PROTOCOLS.include?(connection_protocol)
760
- ui.error <<~EOM
761
- Unsupported protocol '#{connection_protocol}'.
762
-
763
- Supported protocols are: #{SUPPORTED_CONNECTION_PROTOCOLS.join(" ")}
764
- EOM
765
- exit 1
766
- end
767
- true
768
- end
769
-
770
- # If session_timeout is too short, it is likely
771
- # a holdover from "--winrm-session-timeout" which used
772
- # minutes as its unit, instead of seconds.
773
- # Warn the human so that they are not surprised.
774
- #
775
- def warn_on_short_session_timeout
776
- if session_timeout && session_timeout <= 15
777
- ui.warn <<~EOM
778
- You provided '--session-timeout #{session_timeout}' second(s).
779
- Did you mean '--session-timeout #{session_timeout * 60}' seconds?
780
- EOM
781
- end
782
- end
783
-
784
- def winrm_warn_no_ssl_verification
785
- return unless winrm?
786
-
787
- # REVIEWER NOTE
788
- # The original check from knife plugin did not include winrm_ssl_peer_fingerprint
789
- # Reference:
790
- # https://github.com/chef/knife-windows/blob/92d151298142be4a4750c5b54bb264f8d5b81b8a/lib/chef/knife/winrm_knife_base.rb#L271-L273
791
- # TODO Seems like we should also do a similar warning if ssh_verify_host == false
792
- if config_value(:ca_trust_file).nil? &&
793
- config_value(:winrm_no_verify_cert) &&
794
- config_value(:winrm_ssl_peer_fingerprint).nil?
795
- ui.warn <<~WARN
796
- * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
797
- SSL validation of HTTPS requests for the WinRM transport is disabled.
798
- HTTPS WinRM connections are still encrypted, but knife is not able
799
- to detect forged replies or spoofing attacks.
800
-
801
- To work around this issue you can use the flag `--winrm-no-verify-cert`
802
- or add an entry like this to your knife configuration file:
803
-
804
- # Verify all WinRM HTTPS connections
805
- knife[:winrm_no_verify_cert] = true
806
-
807
- You can also specify a ca_trust_file via --ca-trust-file,
808
- or the expected fingerprint of the target host's certificate
809
- via --winrm-ssl-peer-fingerprint.
810
- WARN
811
- end
812
- end
813
-
814
- # @return a configuration hash suitable for connecting to the remote
815
- # host via train
816
- def connection_opts(reset: false)
817
- return @connection_opts unless @connection_opts.nil? || reset == true
818
- @connection_opts = {}
819
- @connection_opts.merge! base_opts
820
- @connection_opts.merge! host_verify_opts
821
- @connection_opts.merge! gateway_opts
822
- @connection_opts.merge! sudo_opts
823
- @connection_opts.merge! winrm_opts
824
- @connection_opts.merge! ssh_opts
825
- @connection_opts.merge! ssh_identity_opts
826
- @connection_opts
827
- end
828
-
829
- def winrm?
830
- connection_protocol == "winrm"
831
- end
832
-
833
- def ssh?
834
- connection_protocol == "ssh"
835
- end
836
-
837
- # Common configuration for all protocols
838
- def base_opts
839
- port = config_value(:connection_port,
840
- knife_key_for_protocol(connection_protocol, :port))
841
- user = config_value(:connection_user,
842
- knife_key_for_protocol(connection_protocol, :user))
843
- {}.tap do |opts|
844
- opts[:logger] = Chef::Log
845
- # We do not store password in Chef::Config, so only use CLI `config` here
846
- opts[:password] = config[:connection_password] if config.key?(:connection_password)
847
- opts[:user] = user if user
848
- opts[:max_wait_until_ready] = config_value(:max_wait).to_f unless config_value(:max_wait).nil?
849
- # TODO - when would we need to provide rdp_port vs port? Or are they not mutually exclusive?
850
- opts[:port] = port if port
851
- end
852
- end
853
-
854
- def host_verify_opts
855
- if winrm?
856
- { self_signed: config_value(:winrm_no_verify_cert) === true }
857
- elsif ssh?
858
- # Fall back to the old knife config key name for back compat.
859
- { verify_host_key: config_value(:ssh_verify_host_key, :host_key_verify, "always") }
860
- else
861
- {}
862
- end
863
- end
864
-
865
- def ssh_opts
866
- opts = {}
867
- return opts if winrm?
868
- opts[:pty] = true # ensure we can talk to systems with requiretty set true in sshd config
869
- opts[:non_interactive] = true # Prevent password prompts from underlying net/ssh
870
- opts[:forward_agent] = (config_value(:ssh_forward_agent) === true)
871
- opts[:connection_timeout] = session_timeout
872
- opts
873
- end
874
-
875
- def ssh_identity_opts
876
- opts = {}
877
- return opts if winrm?
878
- identity_file = config_value(:ssh_identity_file)
879
- if identity_file
880
- opts[:key_files] = [identity_file]
881
- # We only set keys_only based on the explicit ssh_identity_file;
882
- # someone may use a gateway key and still expect password auth
883
- # on the target. Similarly, someone may have a default key specified
884
- # in knife config, but have provided a password on the CLI.
885
-
886
- # REVIEW NOTE: this is a new behavior. Originally, ssh_identity_file
887
- # could only be populated from CLI options, so there was no need to check
888
- # for this. We will also set keys_only to false only if there are keys
889
- # and no password.
890
- # If both are present, train(via net/ssh) will prefer keys, falling back to password.
891
- # Reference: https://github.com/chef/chef/blob/master/lib/chef/knife/ssh.rb#L272
892
- opts[:keys_only] = config.key?(:connection_password) == false
893
- else
894
- opts[:key_files] = []
895
- opts[:keys_only] = false
896
- end
897
-
898
- gateway_identity_file = config_value(:ssh_gateway) ? config_value(:ssh_gateway_identity) : nil
899
- unless gateway_identity_file.nil?
900
- opts[:key_files] << gateway_identity_file
901
- end
902
-
903
- opts
904
- end
905
-
906
- def gateway_opts
907
- opts = {}
908
- if config_value(:ssh_gateway)
909
- split = config_value(:ssh_gateway).split("@", 2)
910
- if split.length == 1
911
- gw_host = split[0]
912
- else
913
- gw_user = split[0]
914
- gw_host = split[1]
915
- end
916
- gw_host, gw_port = gw_host.split(":", 2)
917
- # TODO - validate convertable port in config validation?
918
- gw_port = Integer(gw_port) rescue nil
919
- opts[:bastion_host] = gw_host
920
- opts[:bastion_user] = gw_user
921
- opts[:bastion_port] = gw_port
922
- end
923
- opts
924
- end
925
-
926
- # use_sudo - tells bootstrap to use the sudo command to run bootstrap
927
- # use_sudo_password - tells bootstrap to use the sudo command to run bootstrap
928
- # and to use the password specified with --password
929
- # TODO: I'd like to make our sudo options sane:
930
- # --sudo (bool) - use sudo
931
- # --sudo-password PASSWORD (default: :password) - use this password for sudo
932
- # --sudo-options "opt,opt,opt" to pass into sudo
933
- # --sudo-command COMMAND sudo command other than sudo
934
- # REVIEW NOTE: knife bootstrap did not pull sudo values from Chef::Config,
935
- # should we change that for consistency?
936
- def sudo_opts
937
- return {} if winrm?
938
- opts = { sudo: false }
939
- if config[:use_sudo]
940
- opts[:sudo] = true
941
- if config[:use_sudo_password]
942
- opts[:sudo_password] = config[:connection_password]
943
- end
944
- if config[:preserve_home]
945
- opts[:sudo_options] = "-H"
946
- end
947
- end
948
- opts
949
- end
950
-
951
- def winrm_opts
952
- return {} unless winrm?
953
- auth_method = config_value(:winrm_auth_method, :winrm_auth_method, "negotiate")
954
- opts = {
955
- winrm_transport: auth_method, # winrm gem and train calls auth method 'transport'
956
- winrm_basic_auth_only: config_value(:winrm_basic_auth_only) || false,
957
- ssl: config_value(:winrm_ssl) === true,
958
- ssl_peer_fingerprint: config_value(:winrm_ssl_peer_fingerprint),
959
- }
960
-
961
- if auth_method == "kerberos"
962
- opts[:kerberos_service] = config_value(:kerberos_service) if config_value(:kerberos_service)
963
- opts[:kerberos_realm] = config_value(:kerberos_realm) if config_value(:kerberos_service)
964
- end
965
-
966
- if config_value(:ca_trust_file)
967
- opts[:ca_trust_path] = config_value(:ca_trust_file)
968
- end
969
-
970
- opts[:operation_timeout] = session_timeout
971
-
972
- opts
973
- end
974
-
975
- # Config overrides to force password auth.
976
- def force_ssh_password_opts(password)
977
- {
978
- password: password,
979
- non_interactive: false,
980
- keys_only: false,
981
- key_files: [],
982
- auth_methods: [:password, :keyboard_interactive],
983
- }
984
- end
985
-
986
- # Looks up configuration entries, first in the class member
987
- # `config` which contains options populated from CLI flags.
988
- # If the entry is not found there, Chef::Config[:knife][KEY]
989
- # is checked.
990
- #
991
- # knife_config_key should be specified if the knife config lookup
992
- # key is different from the CLI flag lookup key.
993
- #
994
- def config_value(key, knife_config_key = nil, default = nil)
995
- if config.key? key
996
- config[key]
997
- else
998
- lookup_key = knife_config_key || key
999
- if Chef::Config[:knife].key?(lookup_key)
1000
- Chef::Config[:knife][lookup_key]
1001
- else
1002
- default
1003
- end
1004
- end
1005
- end
1006
-
1007
- def upload_bootstrap(content)
1008
- script_name = connection.windows? ? "bootstrap.bat" : "bootstrap.sh"
1009
- remote_path = connection.normalize_path(File.join(connection.temp_dir, script_name))
1010
- connection.upload_file_content!(content, remote_path)
1011
- remote_path
1012
- end
1013
-
1014
- # build the command string for bootrapping
1015
- # @return String
1016
- def bootstrap_command(remote_path)
1017
- if connection.windows?
1018
- "cmd.exe /C #{remote_path}"
1019
- else
1020
- "sh #{remote_path}"
1021
- end
1022
- end
1023
-
1024
- # To avoid cluttering the CLI options, some flags (such as port and user)
1025
- # are shared between protocols. However, there is still a need to allow the operator
1026
- # to specify defaults separately, since they may not be the same values for different
1027
- # protocols.
1028
-
1029
- # These keys are available in Chef::Config, and are prefixed with the protocol name.
1030
- # For example, :user CLI option will map to :winrm_user and :ssh_user Chef::Config keys,
1031
- # based on the connection protocol in use.
1032
- def knife_key_for_protocol(protocol, option)
1033
- "#{connection_protocol}_#{option}".to_sym
1034
- end
1035
-
1036
- private
1037
-
1038
- # True if policy_name and run_list are both given
1039
- def policyfile_and_run_list_given?
1040
- run_list_given? && policyfile_options_given?
1041
- end
1042
-
1043
- def run_list_given?
1044
- !config[:run_list].nil? && !config[:run_list].empty?
1045
- end
1046
-
1047
- def policyfile_options_given?
1048
- !!config[:policy_name]
1049
- end
1050
-
1051
- # True if one of policy_name or policy_group was given, but not both
1052
- def incomplete_policyfile_options?
1053
- (!!config[:policy_name] ^ config[:policy_group])
1054
- end
1055
-
1056
- # session_timeout option has a default that may not arrive, particularly if
1057
- # we're being invoked from a plugin that doesn't merge_config.
1058
- def session_timeout
1059
- timeout = config_value(:session_timeout)
1060
- return options[:session_timeout][:default] if timeout.nil?
1061
- timeout.to_i
1062
- end
1063
- end
1064
- end
1065
- end
1
+ #
2
+ # Author:: Adam Jacob (<adam@chef.io>)
3
+ # Copyright:: Copyright 2010-2019, Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require_relative "../knife"
20
+ require_relative "data_bag_secret_options"
21
+ require_relative "../dist"
22
+ require "license_acceptance/cli_flags/mixlib_cli"
23
+ require "license_acceptance/acceptor"
24
+
25
+ class Chef
26
+ class Knife
27
+ class Bootstrap < Knife
28
+ include DataBagSecretOptions
29
+ include LicenseAcceptance::CLIFlags::MixlibCLI
30
+
31
+ SUPPORTED_CONNECTION_PROTOCOLS ||= %w{ssh winrm}.freeze
32
+ WINRM_AUTH_PROTOCOL_LIST ||= %w{plaintext kerberos ssl negotiate}.freeze
33
+
34
+ # Common connectivity options
35
+ option :connection_user,
36
+ short: "-U USERNAME",
37
+ long: "--connection-user USERNAME",
38
+ description: "Authenticate to the target host with this user account."
39
+
40
+ option :connection_password,
41
+ short: "-P PASSWORD",
42
+ long: "--connection-password PASSWORD",
43
+ description: "Authenticate to the target host with this password."
44
+
45
+ option :connection_port,
46
+ short: "-p PORT",
47
+ long: "--connection-port PORT",
48
+ description: "The port on the target node to connect to."
49
+
50
+ option :connection_protocol,
51
+ short: "-o PROTOCOL",
52
+ long: "--connection-protocol PROTOCOL",
53
+ description: "The protocol to use to connect to the target node.",
54
+ in: SUPPORTED_CONNECTION_PROTOCOLS
55
+
56
+ option :max_wait,
57
+ short: "-W SECONDS",
58
+ long: "--max-wait SECONDS",
59
+ description: "The maximum time to wait for the initial connection to be established."
60
+
61
+ option :session_timeout,
62
+ long: "--session-timeout SECONDS",
63
+ description: "The number of seconds to wait for each connection operation to be acknowledged while running bootstrap.",
64
+ default: 60
65
+
66
+ # WinRM Authentication
67
+ option :winrm_ssl_peer_fingerprint,
68
+ long: "--winrm-ssl-peer-fingerprint FINGERPRINT",
69
+ description: "SSL certificate fingerprint expected from the target."
70
+
71
+ option :ca_trust_file,
72
+ short: "-f CA_TRUST_PATH",
73
+ long: "--ca-trust-file CA_TRUST_PATH",
74
+ description: "The Certificate Authority (CA) trust file used for SSL transport."
75
+
76
+ option :winrm_no_verify_cert,
77
+ long: "--winrm-no-verify-cert",
78
+ description: "Do not verify the SSL certificate of the target node for WinRM.",
79
+ boolean: true
80
+
81
+ option :winrm_ssl,
82
+ long: "--winrm-ssl",
83
+ description: "Use SSL in the WinRM connection."
84
+
85
+ option :winrm_auth_method,
86
+ short: "-w AUTH-METHOD",
87
+ long: "--winrm-auth-method AUTH-METHOD",
88
+ description: "The WinRM authentication method to use.",
89
+ proc: Proc.new { |protocol| Chef::Config[:knife][:winrm_auth_method] = protocol },
90
+ in: WINRM_AUTH_PROTOCOL_LIST
91
+
92
+ option :winrm_basic_auth_only,
93
+ long: "--winrm-basic-auth-only",
94
+ description: "For WinRM basic authentication when using the 'ssl' auth method.",
95
+ boolean: true
96
+
97
+ # This option was provided in knife bootstrap windows winrm,
98
+ # but it is ignored in knife-windows/WinrmSession, and so remains unimplemeneted here.
99
+ # option :kerberos_keytab_file,
100
+ # :short => "-T KEYTAB_FILE",
101
+ # :long => "--keytab-file KEYTAB_FILE",
102
+ # :description => "The Kerberos keytab file used for authentication",
103
+ # :proc => Proc.new { |keytab| Chef::Config[:knife][:kerberos_keytab_file] = keytab }
104
+
105
+ option :kerberos_realm,
106
+ short: "-R KERBEROS_REALM",
107
+ long: "--kerberos-realm KERBEROS_REALM",
108
+ description: "The Kerberos realm used for authentication.",
109
+ proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_realm] = protocol }
110
+
111
+ option :kerberos_service,
112
+ short: "-S KERBEROS_SERVICE",
113
+ long: "--kerberos-service KERBEROS_SERVICE",
114
+ description: "The Kerberos service used for authentication.",
115
+ proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_service] = protocol }
116
+
117
+ ## SSH Authentication
118
+ option :ssh_gateway,
119
+ short: "-G GATEWAY",
120
+ long: "--ssh-gateway GATEWAY",
121
+ description: "The SSH gateway.",
122
+ proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
123
+
124
+ option :ssh_gateway_identity,
125
+ long: "--ssh-gateway-identity SSH_GATEWAY_IDENTITY",
126
+ description: "The SSH identity file used for gateway authentication.",
127
+ proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway_identity] = key }
128
+
129
+ option :ssh_forward_agent,
130
+ short: "-A",
131
+ long: "--ssh-forward-agent",
132
+ description: "Enable SSH agent forwarding.",
133
+ boolean: true
134
+
135
+ option :ssh_identity_file,
136
+ short: "-i IDENTITY_FILE",
137
+ long: "--ssh-identity-file IDENTITY_FILE",
138
+ description: "The SSH identity file used for authentication."
139
+
140
+ option :ssh_verify_host_key,
141
+ long: "--ssh-verify-host-key VALUE",
142
+ description: "Verify host key. Default is 'always'.",
143
+ in: %w{always accept_new accept_new_or_local_tunnel never}
144
+
145
+ #
146
+ # bootstrap options
147
+ #
148
+
149
+ # client.rb content via chef-full/bootstrap_context
150
+ option :bootstrap_version,
151
+ long: "--bootstrap-version VERSION",
152
+ description: "The version of #{Chef::Dist::PRODUCT} to install.",
153
+ proc: lambda { |v| Chef::Config[:knife][:bootstrap_version] = v }
154
+
155
+ option :channel,
156
+ long: "--channel CHANNEL",
157
+ description: "Install from the given channel. Default is 'stable'.",
158
+ default: "stable",
159
+ in: %w{stable current unstable}
160
+
161
+ # client.rb content via chef-full/bootstrap_context
162
+ option :bootstrap_proxy,
163
+ long: "--bootstrap-proxy PROXY_URL",
164
+ description: "The proxy server for the node being bootstrapped.",
165
+ proc: Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
166
+
167
+ # client.rb content via bootstrap_context
168
+ option :bootstrap_proxy_user,
169
+ long: "--bootstrap-proxy-user PROXY_USER",
170
+ description: "The proxy authentication username for the node being bootstrapped."
171
+
172
+ # client.rb content via bootstrap_context
173
+ option :bootstrap_proxy_pass,
174
+ long: "--bootstrap-proxy-pass PROXY_PASS",
175
+ description: "The proxy authentication password for the node being bootstrapped."
176
+
177
+ # client.rb content via bootstrap_context
178
+ option :bootstrap_no_proxy,
179
+ long: "--bootstrap-no-proxy [NO_PROXY_URL|NO_PROXY_IP]",
180
+ description: "Do not proxy locations for the node being bootstrapped",
181
+ proc: Proc.new { |np| Chef::Config[:knife][:bootstrap_no_proxy] = np }
182
+
183
+ # client.rb content via bootstrap_context
184
+ option :bootstrap_template,
185
+ short: "-t TEMPLATE",
186
+ long: "--bootstrap-template TEMPLATE",
187
+ description: "Bootstrap #{Chef::Dist::PRODUCT} using a built-in or custom template. Set to the full path of an erb template or use one of the built-in templates."
188
+
189
+ # client.rb content via bootstrap_context
190
+ option :node_ssl_verify_mode,
191
+ long: "--node-ssl-verify-mode [peer|none]",
192
+ description: "Whether or not to verify the SSL cert for all HTTPS requests.",
193
+ proc: Proc.new { |v|
194
+ valid_values = %w{none peer}
195
+ unless valid_values.include?(v)
196
+ raise "Invalid value '#{v}' for --node-ssl-verify-mode. Valid values are: #{valid_values.join(", ")}"
197
+ end
198
+ v
199
+ }
200
+
201
+ # bootstrap_context - client.rb
202
+ option :node_verify_api_cert,
203
+ long: "--[no-]node-verify-api-cert",
204
+ description: "Verify the SSL cert for HTTPS requests to the #{Chef::Dist::SERVER_PRODUCT} API.",
205
+ boolean: true
206
+
207
+ # runtime - sudo settings (train handles sudo)
208
+ option :use_sudo,
209
+ long: "--sudo",
210
+ description: "Execute the bootstrap via sudo.",
211
+ boolean: true
212
+
213
+ # runtime - sudo settings (train handles sudo)
214
+ option :preserve_home,
215
+ long: "--sudo-preserve-home",
216
+ description: "Preserve non-root user HOME environment variable with sudo.",
217
+ boolean: true
218
+
219
+ # runtime - sudo settings (train handles sudo)
220
+ option :use_sudo_password,
221
+ long: "--use-sudo-password",
222
+ description: "Execute the bootstrap via sudo with password.",
223
+ boolean: false
224
+
225
+ # runtime - client_builder
226
+ option :chef_node_name,
227
+ short: "-N NAME",
228
+ long: "--node-name NAME",
229
+ description: "The node name for your new node."
230
+
231
+ # runtime - client_builder - set runlist when creating node
232
+ option :run_list,
233
+ short: "-r RUN_LIST",
234
+ long: "--run-list RUN_LIST",
235
+ description: "Comma separated list of roles/recipes to apply.",
236
+ proc: lambda { |o| o.split(/[\s,]+/) },
237
+ default: []
238
+
239
+ # runtime - client_builder - set policy name when creating node
240
+ option :policy_name,
241
+ long: "--policy-name POLICY_NAME",
242
+ description: "Policyfile name to use (--policy-group must also be given).",
243
+ default: nil
244
+
245
+ # runtime - client_builder - set policy group when creating node
246
+ option :policy_group,
247
+ long: "--policy-group POLICY_GROUP",
248
+ description: "Policy group name to use (--policy-name must also be given).",
249
+ default: nil
250
+
251
+ # runtime - client_builder - node tags
252
+ option :tags,
253
+ long: "--tags TAGS",
254
+ description: "Comma separated list of tags to apply to the node.",
255
+ proc: lambda { |o| o.split(/[\s,]+/) },
256
+ default: []
257
+
258
+ # bootstrap template
259
+ option :first_boot_attributes,
260
+ short: "-j JSON_ATTRIBS",
261
+ long: "--json-attributes",
262
+ description: "A JSON string to be added to the first run of #{Chef::Dist::CLIENT}.",
263
+ proc: lambda { |o| Chef::JSONCompat.parse(o) },
264
+ default: nil
265
+
266
+ # bootstrap template
267
+ option :first_boot_attributes_from_file,
268
+ long: "--json-attribute-file FILE",
269
+ description: "A JSON file to be used to the first run of #{Chef::Dist::CLIENT}.",
270
+ proc: lambda { |o| Chef::JSONCompat.parse(File.read(o)) },
271
+ default: nil
272
+
273
+ # Note that several of the below options are used by bootstrap template,
274
+ # but only from the passed-in knife config; it does not use the
275
+ # config from the CLI for those values. We cannot always used the merged
276
+ # config, because in some cases the knife keys thIn those cases, the option
277
+ # will have a proc that assigns the value into Chef::Config[:knife]
278
+
279
+ # bootstrap template
280
+ # Create ohai hints in /etc/chef/ohai/hints, fname=hintname, content=value
281
+ option :hint,
282
+ long: "--hint HINT_NAME[=HINT_FILE]",
283
+ description: "Specify an Ohai hint to be set on the bootstrap target. Use multiple --hint options to specify multiple hints.",
284
+ proc: Proc.new { |h|
285
+ Chef::Config[:knife][:hints] ||= Hash.new
286
+ name, path = h.split("=")
287
+ Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : Hash.new
288
+ }
289
+
290
+ # bootstrap override: url of a an installer shell script touse in place of omnitruck
291
+ # Note that the bootstrap template _only_ references this out of Chef::Config, and not from
292
+ # the provided options to knife bootstrap, so we set the Chef::Config option here.
293
+ option :bootstrap_url,
294
+ long: "--bootstrap-url URL",
295
+ description: "URL to a custom installation script.",
296
+ proc: Proc.new { |u| Chef::Config[:knife][:bootstrap_url] = u }
297
+
298
+ option :msi_url, # Windows target only
299
+ short: "-m URL",
300
+ long: "--msi-url URL",
301
+ description: "Location of the #{Chef::Dist::PRODUCT} MSI. The default templates will prefer to download from this location. The MSI will be downloaded from #{Chef::Dist::WEBSITE} if not provided (Windows).",
302
+ default: ""
303
+
304
+ # bootstrap override: Do this instead of our own setup.sh from omnitruck. Causes bootstrap_url to be ignored.
305
+ option :bootstrap_install_command,
306
+ long: "--bootstrap-install-command COMMANDS",
307
+ description: "Custom command to install #{Chef::Dist::PRODUCT}.",
308
+ proc: Proc.new { |ic| Chef::Config[:knife][:bootstrap_install_command] = ic }
309
+
310
+ # bootstrap template: Run this command first in the bootstrap script
311
+ option :bootstrap_preinstall_command,
312
+ long: "--bootstrap-preinstall-command COMMANDS",
313
+ description: "Custom commands to run before installing #{Chef::Dist::PRODUCT}.",
314
+ proc: Proc.new { |preic| Chef::Config[:knife][:bootstrap_preinstall_command] = preic }
315
+
316
+ # bootstrap template
317
+ option :bootstrap_wget_options,
318
+ long: "--bootstrap-wget-options OPTIONS",
319
+ description: "Add options to wget when installing #{Chef::Dist::PRODUCT}.",
320
+ proc: Proc.new { |wo| Chef::Config[:knife][:bootstrap_wget_options] = wo }
321
+
322
+ # bootstrap template
323
+ option :bootstrap_curl_options,
324
+ long: "--bootstrap-curl-options OPTIONS",
325
+ description: "Add options to curl when install #{Chef::Dist::PRODUCT}.",
326
+ proc: Proc.new { |co| Chef::Config[:knife][:bootstrap_curl_options] = co }
327
+
328
+ # chef_vault_handler
329
+ option :bootstrap_vault_file,
330
+ long: "--bootstrap-vault-file VAULT_FILE",
331
+ description: "A JSON file with a list of vault(s) and item(s) to be updated."
332
+
333
+ # chef_vault_handler
334
+ option :bootstrap_vault_json,
335
+ long: "--bootstrap-vault-json VAULT_JSON",
336
+ description: "A JSON string with the vault(s) and item(s) to be updated."
337
+
338
+ # chef_vault_handler
339
+ option :bootstrap_vault_item,
340
+ long: "--bootstrap-vault-item VAULT_ITEM",
341
+ description: 'A single vault and item to update as "vault:item".',
342
+ proc: Proc.new { |i|
343
+ (vault, item) = i.split(/:/)
344
+ Chef::Config[:knife][:bootstrap_vault_item] ||= {}
345
+ Chef::Config[:knife][:bootstrap_vault_item][vault] ||= []
346
+ Chef::Config[:knife][:bootstrap_vault_item][vault].push(item)
347
+ Chef::Config[:knife][:bootstrap_vault_item]
348
+ }
349
+
350
+ # Deprecated options. These must be declared after
351
+ # regular options because they refer to the replacement
352
+ # option definitions implicitly.
353
+ deprecated_option :auth_timeout,
354
+ replacement: :max_wait,
355
+ long: "--max-wait SECONDS"
356
+
357
+ deprecated_option :forward_agent,
358
+ replacement: :ssh_forward_agent,
359
+ boolean: true, long: "--forward-agent"
360
+
361
+ deprecated_option :host_key_verify,
362
+ replacement: :ssh_verify_host_key,
363
+ boolean: true, long: "--[no-]host-key-verify",
364
+ value_mapper: Proc.new { |verify| verify ? "always" : "never" }
365
+
366
+ deprecated_option :prerelease,
367
+ replacement: :channel,
368
+ long: "--prerelease",
369
+ boolean: true, value_mapper: Proc.new { "current" }
370
+
371
+ deprecated_option :ssh_user,
372
+ replacement: :connection_user,
373
+ long: "--ssh-user USERNAME"
374
+
375
+ deprecated_option :ssh_password,
376
+ replacement: :connection_password,
377
+ long: "--ssh-password PASSWORD"
378
+
379
+ deprecated_option :ssh_port,
380
+ replacement: :connection_port,
381
+ long: "--ssh-port PASSWORD"
382
+
383
+ deprecated_option :ssl_peer_fingerprint,
384
+ replacement: :winrm_ssl_peer_fingerprint,
385
+ long: "--ssl-peer-fingerprint FINGERPRINT"
386
+
387
+ deprecated_option :winrm_user,
388
+ replacement: :connection_user,
389
+ long: "--winrm-user USERNAME", short: "-x USERNAME"
390
+
391
+ deprecated_option :winrm_password,
392
+ replacement: :connection_password,
393
+ long: "--winrm-password PASSWORD"
394
+
395
+ deprecated_option :winrm_port,
396
+ replacement: :connection_port,
397
+ long: "--winrm-port PORT"
398
+
399
+ deprecated_option :winrm_authentication_protocol,
400
+ replacement: :winrm_auth_method,
401
+ long: "--winrm-authentication-protocol PROTOCOL"
402
+
403
+ deprecated_option :winrm_session_timeout,
404
+ replacement: :session_timeout,
405
+ long: "--winrm-session-timeout MINUTES"
406
+
407
+ deprecated_option :winrm_ssl_verify_mode,
408
+ replacement: :winrm_no_verify_cert,
409
+ long: "--winrm-ssl-verify-mode MODE"
410
+
411
+ deprecated_option :winrm_transport, replacement: :winrm_ssl,
412
+ long: "--winrm-transport TRANSPORT",
413
+ value_mapper: Proc.new { |value| value == "ssl" }
414
+
415
+ attr_reader :connection
416
+
417
+ deps do
418
+ require "erubis" unless defined?(Erubis)
419
+
420
+ require_relative "../json_compat"
421
+ require_relative "../util/path_helper"
422
+ require_relative "bootstrap/chef_vault_handler"
423
+ require_relative "bootstrap/client_builder"
424
+ require_relative "bootstrap/train_connector"
425
+ end
426
+
427
+ banner "knife bootstrap [PROTOCOL://][USER@]FQDN (options)"
428
+
429
+ def client_builder
430
+ @client_builder ||= Chef::Knife::Bootstrap::ClientBuilder.new(
431
+ chef_config: Chef::Config,
432
+ knife_config: config,
433
+ ui: ui
434
+ )
435
+ end
436
+
437
+ def chef_vault_handler
438
+ @chef_vault_handler ||= Chef::Knife::Bootstrap::ChefVaultHandler.new(
439
+ knife_config: config,
440
+ ui: ui
441
+ )
442
+ end
443
+
444
+ # Determine if we need to accept the Chef Infra license locally in order to successfully bootstrap
445
+ # the remote node. Remote 'chef-client' run will fail if it is >= 15 and the license is not accepted locally.
446
+ def check_license
447
+ Chef::Log.debug("Checking if we need to accept Chef license to bootstrap node")
448
+ version = config[:bootstrap_version] || Chef::VERSION.split(".").first
449
+ acceptor = LicenseAcceptance::Acceptor.new(logger: Chef::Log, provided: Chef::Config[:chef_license])
450
+ if acceptor.license_required?("chef", version)
451
+ Chef::Log.debug("License acceptance required for chef version: #{version}")
452
+ license_id = acceptor.id_from_mixlib("chef")
453
+ acceptor.check_and_persist(license_id, version)
454
+ Chef::Config[:chef_license] ||= acceptor.acceptance_value
455
+ end
456
+ end
457
+
458
+ # The default bootstrap template to use to bootstrap a server.
459
+ # This is a public API hook which knife plugins use or inherit and override.
460
+ #
461
+ # @return [String] Default bootstrap template
462
+ def default_bootstrap_template
463
+ if connection.windows?
464
+ "windows-#{Chef::Dist::CLIENT}-msi"
465
+ else
466
+ "chef-full"
467
+ end
468
+ end
469
+
470
+ def host_descriptor
471
+ Array(@name_args).first
472
+ end
473
+
474
+ # The server_name is the DNS or IP we are going to connect to, it is not necessarily
475
+ # the node name, the fqdn, or the hostname of the server. This is a public API hook
476
+ # which knife plugins use or inherit and override.
477
+ #
478
+ # @return [String] The DNS or IP that bootstrap will connect to
479
+ def server_name
480
+ if host_descriptor
481
+ @server_name ||= host_descriptor.split("@").reverse[0]
482
+ end
483
+ end
484
+
485
+ # @return [String] The CLI specific bootstrap template or the default
486
+ def bootstrap_template
487
+ # Allow passing a bootstrap template or use the default
488
+ config[:bootstrap_template] || default_bootstrap_template
489
+ end
490
+
491
+ def find_template
492
+ template = bootstrap_template
493
+
494
+ # Use the template directly if it's a path to an actual file
495
+ if File.exists?(template)
496
+ Chef::Log.trace("Using the specified bootstrap template: #{File.dirname(template)}")
497
+ return template
498
+ end
499
+
500
+ # Otherwise search the template directories until we find the right one
501
+ bootstrap_files = []
502
+ bootstrap_files << File.join(File.dirname(__FILE__), "bootstrap/templates", "#{template}.erb")
503
+ bootstrap_files << File.join(Knife.chef_config_dir, "bootstrap", "#{template}.erb") if Chef::Knife.chef_config_dir
504
+ Chef::Util::PathHelper.home(".chef", "bootstrap", "#{template}.erb") { |p| bootstrap_files << p }
505
+ bootstrap_files << Gem.find_files(File.join("chef", "knife", "bootstrap", "#{template}.erb"))
506
+ bootstrap_files.flatten!
507
+
508
+ template_file = Array(bootstrap_files).find do |bootstrap_template|
509
+ Chef::Log.trace("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
510
+ File.exists?(bootstrap_template)
511
+ end
512
+
513
+ unless template_file
514
+ ui.info("Can not find bootstrap definition for #{template}")
515
+ raise Errno::ENOENT
516
+ end
517
+
518
+ Chef::Log.trace("Found bootstrap template: #{template_file}")
519
+
520
+ template_file
521
+ end
522
+
523
+ def secret
524
+ @secret ||= encryption_secret_provided_ignore_encrypt_flag? ? read_secret : nil
525
+ end
526
+
527
+ # Establish bootstrap context for template rendering.
528
+ # Requires connection to be a live connection in order to determine
529
+ # the correct platform.
530
+ def bootstrap_context
531
+ @bootstrap_context ||=
532
+ if connection.windows?
533
+ require_relative "core/windows_bootstrap_context"
534
+ Knife::Core::WindowsBootstrapContext.new(config, config[:run_list], Chef::Config, secret)
535
+ else
536
+ require_relative "core/bootstrap_context"
537
+ Knife::Core::BootstrapContext.new(config, config[:run_list], Chef::Config, secret)
538
+ end
539
+ end
540
+
541
+ def first_boot_attributes
542
+ @config[:first_boot_attributes] || @config[:first_boot_attributes_from_file] || {}
543
+ end
544
+
545
+ def render_template
546
+ @config[:first_boot_attributes] = first_boot_attributes
547
+ template_file = find_template
548
+ template = IO.read(template_file).chomp
549
+ Erubis::Eruby.new(template).evaluate(bootstrap_context)
550
+ end
551
+
552
+ def run
553
+ check_license
554
+
555
+ plugin_setup!
556
+ validate_name_args!
557
+ validate_protocol!
558
+ validate_first_boot_attributes!
559
+ validate_winrm_transport_opts!
560
+ validate_policy_options!
561
+ plugin_validate_options!
562
+
563
+ winrm_warn_no_ssl_verification
564
+ warn_on_short_session_timeout
565
+
566
+ plugin_create_instance!
567
+ $stdout.sync = true
568
+ connect!
569
+ register_client
570
+
571
+ content = render_template
572
+ bootstrap_path = upload_bootstrap(content)
573
+ perform_bootstrap(bootstrap_path)
574
+ plugin_finalize
575
+ ensure
576
+ connection.del_file!(bootstrap_path) if connection && bootstrap_path
577
+ end
578
+
579
+ def register_client
580
+ # chef-vault integration must use the new client-side hawtness, otherwise to use the
581
+ # new client-side hawtness, just delete your validation key.
582
+ if chef_vault_handler.doing_chef_vault? ||
583
+ (Chef::Config[:validation_key] &&
584
+ !File.exist?(File.expand_path(Chef::Config[:validation_key])))
585
+
586
+ unless config[:chef_node_name]
587
+ ui.error("You must pass a node name with -N when bootstrapping with user credentials")
588
+ exit 1
589
+ end
590
+ client_builder.run
591
+ chef_vault_handler.run(client_builder.client)
592
+
593
+ bootstrap_context.client_pem = client_builder.client_path
594
+ else
595
+ ui.info <<~EOM
596
+ Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}...
597
+ Delete your validation key in order to use your user credentials for client registration instead.
598
+ EOM
599
+
600
+ end
601
+ end
602
+
603
+ def perform_bootstrap(remote_bootstrap_script_path)
604
+ ui.info("Bootstrapping #{ui.color(server_name, :bold)}")
605
+ cmd = bootstrap_command(remote_bootstrap_script_path)
606
+ r = connection.run_command(cmd) do |data|
607
+ ui.msg("#{ui.color(" [#{connection.hostname}]", :cyan)} #{data}")
608
+ end
609
+ if r.exit_status != 0
610
+ ui.error("The following error occurred on #{server_name}:")
611
+ ui.error(r.stderr)
612
+ exit 1
613
+ end
614
+ end
615
+
616
+ def connect!
617
+ ui.info("Connecting to #{ui.color(server_name, :bold)}")
618
+ opts = connection_opts.dup
619
+ do_connect(opts)
620
+ rescue Train::Error => e
621
+ # We handle these by message text only because train only loads the
622
+ # transports and protocols that it needs - so the exceptions may not be defined,
623
+ # and we don't want to require files internal to train.
624
+ if e.message =~ /fingerprint (\S+) is unknown for "(.+)"/ # Train::Transports::SSHFailed
625
+ fingerprint = $1
626
+ hostname, ip = $2.split(",")
627
+ # TODO: convert the SHA256 base64 value to hex with colons
628
+ # 'ssh' example output:
629
+ # RSA key fingerprint is e5:cb:c0:e2:21:3b:12:52:f8:ce:cb:00:24:e2:0c:92.
630
+ # ECDSA key fingerprint is 5d:67:61:08:a9:d7:01:fd:5e:ae:7e:09:40:ef:c0:3c.
631
+ # will exit 3 on N
632
+ ui.confirm <<~EOM
633
+ The authenticity of host '#{hostname} (#{ip})' can't be established.
634
+ fingerprint is #{fingerprint}.
635
+
636
+ Are you sure you want to continue connecting
637
+ EOM
638
+ # FIXME: this should save the key to known_hosts but doesn't appear to be
639
+ config[:ssh_verify_host_key] = :accept_new
640
+ do_connect(connection_opts(reset: true))
641
+ elsif ssh? && e.cause && e.cause.class == Net::SSH::AuthenticationFailed
642
+ if connection.password_auth?
643
+ raise
644
+ else
645
+ ui.warn("Failed to authenticate #{opts[:user]} to #{server_name} - trying password auth")
646
+ password = ui.ask("Enter password for #{opts[:user]}@#{server_name}.") do |q|
647
+ q.echo = false
648
+ end
649
+ end
650
+ opts.merge! force_ssh_password_opts(password)
651
+ do_connect(opts)
652
+ else
653
+ raise
654
+ end
655
+ end
656
+
657
+ def handle_ssh_error(e)
658
+ end
659
+
660
+ # url values override CLI flags, if you provide both
661
+ # we'll use the one that you gave in the URL.
662
+ def connection_protocol
663
+ return @connection_protocol if @connection_protocol
664
+ from_url = host_descriptor =~ /^(.*):\/\// ? $1 : nil
665
+ from_cli = config[:connection_protocol]
666
+ from_knife = Chef::Config[:knife][:connection_protocol]
667
+ @connection_protocol = from_url || from_cli || from_knife || "ssh"
668
+ end
669
+
670
+ def do_connect(conn_options)
671
+ @connection = TrainConnector.new(host_descriptor, connection_protocol, conn_options)
672
+ connection.connect!
673
+ end
674
+
675
+ # Fail if both first_boot_attributes and first_boot_attributes_from_file
676
+ # are set.
677
+ def validate_first_boot_attributes!
678
+ if @config[:first_boot_attributes] && @config[:first_boot_attributes_from_file]
679
+ raise Chef::Exceptions::BootstrapCommandInputError
680
+ end
681
+ true
682
+ end
683
+
684
+ # Fail if using plaintext auth without ssl because
685
+ # this can expose keys in plaintext on the wire.
686
+ # TODO test for this method
687
+ # TODO check that the protoocol is valid.
688
+ def validate_winrm_transport_opts!
689
+ return true unless winrm?
690
+
691
+ if Chef::Config[:validation_key] && !File.exist?(File.expand_path(Chef::Config[:validation_key]))
692
+ if config_value(:winrm_auth_method) == "plaintext" &&
693
+ config_value(:winrm_ssl) != true
694
+ ui.error <<~EOM
695
+ Validatorless bootstrap over unsecure winrm channels could expose your
696
+ key to network sniffing.
697
+ Please use a 'winrm_auth_method' other than 'plaintext',
698
+ or enable ssl on #{server_name} then use the ---winrm-ssl flag
699
+ to connect.
700
+ EOM
701
+
702
+ exit 1
703
+ end
704
+ end
705
+ true
706
+ end
707
+
708
+ # fail if the server_name is nil
709
+ def validate_name_args!
710
+ if server_name.nil?
711
+ ui.error("Must pass an FQDN or ip to bootstrap")
712
+ exit 1
713
+ end
714
+ end
715
+
716
+ # Ensure options are valid by checking policyfile values.
717
+ #
718
+ # The method call will cause the program to exit(1) if:
719
+ # * Only one of --policy-name and --policy-group is specified
720
+ # * Policyfile options are set and --run-list is set as well
721
+ #
722
+ # @return [TrueClass] If options are valid.
723
+ def validate_policy_options!
724
+ if incomplete_policyfile_options?
725
+ ui.error("--policy-name and --policy-group must be specified together")
726
+ exit 1
727
+ elsif policyfile_and_run_list_given?
728
+ ui.error("Policyfile options and --run-list are exclusive")
729
+ exit 1
730
+ end
731
+ end
732
+
733
+ # Ensure a valid protocol is provided for target host connection
734
+ #
735
+ # The method call will cause the program to exit(1) if:
736
+ # * Conflicting protocols are given via the target URI and the --protocol option
737
+ # * The protocol is not a supported protocol
738
+ #
739
+ # @return [TrueClass] If options are valid.
740
+ def validate_protocol!
741
+ from_cli = config[:connection_protocol]
742
+ if from_cli && connection_protocol != from_cli
743
+ # Hanging indent to align with the ERROR: prefix
744
+ ui.error <<~EOM
745
+ The URL '#{host_descriptor}' indicates protocol is '#{connection_protocol}'
746
+ while the --protocol flag specifies '#{from_cli}'. Please include
747
+ only one or the other.
748
+ EOM
749
+ exit 1
750
+ end
751
+
752
+ unless SUPPORTED_CONNECTION_PROTOCOLS.include?(connection_protocol)
753
+ ui.error <<~EOM
754
+ Unsupported protocol '#{connection_protocol}'.
755
+
756
+ Supported protocols are: #{SUPPORTED_CONNECTION_PROTOCOLS.join(" ")}
757
+ EOM
758
+ exit 1
759
+ end
760
+ true
761
+ end
762
+
763
+ # Validate any additional options
764
+ #
765
+ # Plugins that subclass bootstrap, e.g. knife-ec2, can use this method to validate any additonal options before any other actions are executed
766
+ #
767
+ # @return [TrueClass] If options are valid or exits
768
+ def plugin_validate_options!
769
+ true
770
+ end
771
+
772
+ # Create the server that we will bootstrap, if necessary
773
+ #
774
+ # Plugins that subclass bootstrap, e.g. knife-ec2, can use this method to call out to an API to build an instance of the server we wish to bootstrap
775
+ #
776
+ # @return [TrueClass] If instance successfully created, or exits
777
+ def plugin_create_instance!
778
+ true
779
+ end
780
+
781
+ # Perform any setup necessary by the plugin
782
+ #
783
+ # Plugins that subclass bootstrap, e.g. knife-ec2, can use this method to create connection objects
784
+ #
785
+ # @return [TrueClass] If instance successfully created, or exits
786
+ def plugin_setup!
787
+ end
788
+
789
+ # Perform any teardown or cleanup necessary by the plugin
790
+ #
791
+ # Plugins that subclass bootstrap, e.g. knife-ec2, can use this method to display a message or perform any cleanup
792
+ #
793
+ # @return [void]
794
+ def plugin_finalize
795
+ end
796
+
797
+ # If session_timeout is too short, it is likely
798
+ # a holdover from "--winrm-session-timeout" which used
799
+ # minutes as its unit, instead of seconds.
800
+ # Warn the human so that they are not surprised.
801
+ #
802
+ def warn_on_short_session_timeout
803
+ if session_timeout && session_timeout <= 15
804
+ ui.warn <<~EOM
805
+ You provided '--session-timeout #{session_timeout}' second(s).
806
+ Did you mean '--session-timeout #{session_timeout * 60}' seconds?
807
+ EOM
808
+ end
809
+ end
810
+
811
+ def winrm_warn_no_ssl_verification
812
+ return unless winrm?
813
+
814
+ # REVIEWER NOTE
815
+ # The original check from knife plugin did not include winrm_ssl_peer_fingerprint
816
+ # Reference:
817
+ # https://github.com/chef/knife-windows/blob/92d151298142be4a4750c5b54bb264f8d5b81b8a/lib/chef/knife/winrm_knife_base.rb#L271-L273
818
+ # TODO Seems like we should also do a similar warning if ssh_verify_host == false
819
+ if config_value(:ca_trust_file).nil? &&
820
+ config_value(:winrm_no_verify_cert) &&
821
+ config_value(:winrm_ssl_peer_fingerprint).nil?
822
+ ui.warn <<~WARN
823
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
824
+ SSL validation of HTTPS requests for the WinRM transport is disabled.
825
+ HTTPS WinRM connections are still encrypted, but knife is not able
826
+ to detect forged replies or spoofing attacks.
827
+
828
+ To work around this issue you can use the flag `--winrm-no-verify-cert`
829
+ or add an entry like this to your knife configuration file:
830
+
831
+ # Verify all WinRM HTTPS connections
832
+ knife[:winrm_no_verify_cert] = true
833
+
834
+ You can also specify a ca_trust_file via --ca-trust-file,
835
+ or the expected fingerprint of the target host's certificate
836
+ via --winrm-ssl-peer-fingerprint.
837
+ WARN
838
+ end
839
+ end
840
+
841
+ # @return a configuration hash suitable for connecting to the remote
842
+ # host via train
843
+ def connection_opts(reset: false)
844
+ return @connection_opts unless @connection_opts.nil? || reset == true
845
+ @connection_opts = {}
846
+ @connection_opts.merge! base_opts
847
+ @connection_opts.merge! host_verify_opts
848
+ @connection_opts.merge! gateway_opts
849
+ @connection_opts.merge! sudo_opts
850
+ @connection_opts.merge! winrm_opts
851
+ @connection_opts.merge! ssh_opts
852
+ @connection_opts.merge! ssh_identity_opts
853
+ @connection_opts
854
+ end
855
+
856
+ def winrm?
857
+ connection_protocol == "winrm"
858
+ end
859
+
860
+ def ssh?
861
+ connection_protocol == "ssh"
862
+ end
863
+
864
+ # Common configuration for all protocols
865
+ def base_opts
866
+ port = config_value(:connection_port,
867
+ knife_key_for_protocol(connection_protocol, :port))
868
+ user = config_value(:connection_user,
869
+ knife_key_for_protocol(connection_protocol, :user))
870
+ {}.tap do |opts|
871
+ opts[:logger] = Chef::Log
872
+ # We do not store password in Chef::Config, so only use CLI `config` here
873
+ opts[:password] = config[:connection_password] if config.key?(:connection_password)
874
+ opts[:user] = user if user
875
+ opts[:max_wait_until_ready] = config_value(:max_wait).to_f unless config_value(:max_wait).nil?
876
+ # TODO - when would we need to provide rdp_port vs port? Or are they not mutually exclusive?
877
+ opts[:port] = port if port
878
+ end
879
+ end
880
+
881
+ def host_verify_opts
882
+ if winrm?
883
+ { self_signed: config_value(:winrm_no_verify_cert) === true }
884
+ elsif ssh?
885
+ # Fall back to the old knife config key name for back compat.
886
+ { verify_host_key: config_value(:ssh_verify_host_key, :host_key_verify, "always") }
887
+ else
888
+ {}
889
+ end
890
+ end
891
+
892
+ def ssh_opts
893
+ opts = {}
894
+ return opts if winrm?
895
+ opts[:pty] = true # ensure we can talk to systems with requiretty set true in sshd config
896
+ opts[:non_interactive] = true # Prevent password prompts from underlying net/ssh
897
+ opts[:forward_agent] = (config_value(:ssh_forward_agent) === true)
898
+ opts[:connection_timeout] = session_timeout
899
+ opts
900
+ end
901
+
902
+ def ssh_identity_opts
903
+ opts = {}
904
+ return opts if winrm?
905
+ identity_file = config_value(:ssh_identity_file)
906
+ if identity_file
907
+ opts[:key_files] = [identity_file]
908
+ # We only set keys_only based on the explicit ssh_identity_file;
909
+ # someone may use a gateway key and still expect password auth
910
+ # on the target. Similarly, someone may have a default key specified
911
+ # in knife config, but have provided a password on the CLI.
912
+
913
+ # REVIEW NOTE: this is a new behavior. Originally, ssh_identity_file
914
+ # could only be populated from CLI options, so there was no need to check
915
+ # for this. We will also set keys_only to false only if there are keys
916
+ # and no password.
917
+ # If both are present, train(via net/ssh) will prefer keys, falling back to password.
918
+ # Reference: https://github.com/chef/chef/blob/master/lib/chef/knife/ssh.rb#L272
919
+ opts[:keys_only] = config.key?(:connection_password) == false
920
+ else
921
+ opts[:key_files] = []
922
+ opts[:keys_only] = false
923
+ end
924
+
925
+ gateway_identity_file = config_value(:ssh_gateway) ? config_value(:ssh_gateway_identity) : nil
926
+ unless gateway_identity_file.nil?
927
+ opts[:key_files] << gateway_identity_file
928
+ end
929
+
930
+ opts
931
+ end
932
+
933
+ def gateway_opts
934
+ opts = {}
935
+ if config_value(:ssh_gateway)
936
+ split = config_value(:ssh_gateway).split("@", 2)
937
+ if split.length == 1
938
+ gw_host = split[0]
939
+ else
940
+ gw_user = split[0]
941
+ gw_host = split[1]
942
+ end
943
+ gw_host, gw_port = gw_host.split(":", 2)
944
+ # TODO - validate convertable port in config validation?
945
+ gw_port = Integer(gw_port) rescue nil
946
+ opts[:bastion_host] = gw_host
947
+ opts[:bastion_user] = gw_user
948
+ opts[:bastion_port] = gw_port
949
+ end
950
+ opts
951
+ end
952
+
953
+ # use_sudo - tells bootstrap to use the sudo command to run bootstrap
954
+ # use_sudo_password - tells bootstrap to use the sudo command to run bootstrap
955
+ # and to use the password specified with --password
956
+ # TODO: I'd like to make our sudo options sane:
957
+ # --sudo (bool) - use sudo
958
+ # --sudo-password PASSWORD (default: :password) - use this password for sudo
959
+ # --sudo-options "opt,opt,opt" to pass into sudo
960
+ # --sudo-command COMMAND sudo command other than sudo
961
+ # REVIEW NOTE: knife bootstrap did not pull sudo values from Chef::Config,
962
+ # should we change that for consistency?
963
+ def sudo_opts
964
+ return {} if winrm?
965
+ opts = { sudo: false }
966
+ if config[:use_sudo]
967
+ opts[:sudo] = true
968
+ if config[:use_sudo_password]
969
+ opts[:sudo_password] = config[:connection_password]
970
+ end
971
+ if config[:preserve_home]
972
+ opts[:sudo_options] = "-H"
973
+ end
974
+ end
975
+ opts
976
+ end
977
+
978
+ def winrm_opts
979
+ return {} unless winrm?
980
+ auth_method = config_value(:winrm_auth_method, :winrm_auth_method, "negotiate")
981
+ opts = {
982
+ winrm_transport: auth_method, # winrm gem and train calls auth method 'transport'
983
+ winrm_basic_auth_only: config_value(:winrm_basic_auth_only) || false,
984
+ ssl: config_value(:winrm_ssl) === true,
985
+ ssl_peer_fingerprint: config_value(:winrm_ssl_peer_fingerprint),
986
+ }
987
+
988
+ if auth_method == "kerberos"
989
+ opts[:kerberos_service] = config_value(:kerberos_service) if config_value(:kerberos_service)
990
+ opts[:kerberos_realm] = config_value(:kerberos_realm) if config_value(:kerberos_service)
991
+ end
992
+
993
+ if config_value(:ca_trust_file)
994
+ opts[:ca_trust_path] = config_value(:ca_trust_file)
995
+ end
996
+
997
+ opts[:operation_timeout] = session_timeout
998
+
999
+ opts
1000
+ end
1001
+
1002
+ # Config overrides to force password auth.
1003
+ def force_ssh_password_opts(password)
1004
+ {
1005
+ password: password,
1006
+ non_interactive: false,
1007
+ keys_only: false,
1008
+ key_files: [],
1009
+ auth_methods: [:password, :keyboard_interactive],
1010
+ }
1011
+ end
1012
+
1013
+ # Looks up configuration entries, first in the class member
1014
+ # `config` which contains options populated from CLI flags.
1015
+ # If the entry is not found there, Chef::Config[:knife][KEY]
1016
+ # is checked.
1017
+ #
1018
+ # knife_config_key should be specified if the knife config lookup
1019
+ # key is different from the CLI flag lookup key.
1020
+ #
1021
+ def config_value(key, knife_config_key = nil, default = nil)
1022
+ if config.key? key
1023
+ config[key]
1024
+ else
1025
+ lookup_key = knife_config_key || key
1026
+ if Chef::Config[:knife].key?(lookup_key) || config.key?(lookup_key)
1027
+ Chef::Config[:knife][lookup_key] || config[lookup_key]
1028
+ else
1029
+ default
1030
+ end
1031
+ end
1032
+ end
1033
+
1034
+ def upload_bootstrap(content)
1035
+ script_name = connection.windows? ? "bootstrap.bat" : "bootstrap.sh"
1036
+ remote_path = connection.normalize_path(File.join(connection.temp_dir, script_name))
1037
+ connection.upload_file_content!(content, remote_path)
1038
+ remote_path
1039
+ end
1040
+
1041
+ # build the command string for bootrapping
1042
+ # @return String
1043
+ def bootstrap_command(remote_path)
1044
+ if connection.windows?
1045
+ "cmd.exe /C #{remote_path}"
1046
+ else
1047
+ "sh #{remote_path}"
1048
+ end
1049
+ end
1050
+
1051
+ # To avoid cluttering the CLI options, some flags (such as port and user)
1052
+ # are shared between protocols. However, there is still a need to allow the operator
1053
+ # to specify defaults separately, since they may not be the same values for different
1054
+ # protocols.
1055
+
1056
+ # These keys are available in Chef::Config, and are prefixed with the protocol name.
1057
+ # For example, :user CLI option will map to :winrm_user and :ssh_user Chef::Config keys,
1058
+ # based on the connection protocol in use.
1059
+ def knife_key_for_protocol(protocol, option)
1060
+ "#{connection_protocol}_#{option}".to_sym
1061
+ end
1062
+
1063
+ private
1064
+
1065
+ # True if policy_name and run_list are both given
1066
+ def policyfile_and_run_list_given?
1067
+ run_list_given? && policyfile_options_given?
1068
+ end
1069
+
1070
+ def run_list_given?
1071
+ !config[:run_list].nil? && !config[:run_list].empty?
1072
+ end
1073
+
1074
+ def policyfile_options_given?
1075
+ !!config[:policy_name]
1076
+ end
1077
+
1078
+ # True if one of policy_name or policy_group was given, but not both
1079
+ def incomplete_policyfile_options?
1080
+ (!!config[:policy_name] ^ config[:policy_group])
1081
+ end
1082
+
1083
+ # session_timeout option has a default that may not arrive, particularly if
1084
+ # we're being invoked from a plugin that doesn't merge_config.
1085
+ def session_timeout
1086
+ timeout = config_value(:session_timeout)
1087
+ return options[:session_timeout][:default] if timeout.nil?
1088
+ timeout.to_i
1089
+ end
1090
+ end
1091
+ end
1092
+ end